0

I want to review if there are any additional recommendations or unnecessary steps for restoring to dissimilar physical hardware running Windows Server 2008 R2 or above or any holes in the below procedure for an AD server:


Note: Ensure donor machine has identical CPU type as original server.
1.) Install operating system (image backup of applications on OS drive preferred)
a. Apply all the latest Service Packs and patches to donor machine
2.) Copy files before restoring system state
a. Create folder C:\WindowsFiles
b. Copy to C:\WindowsFiles the following files:
%systemdrive%\boot.ini
%systemdrive%\ntdetect.com
%systemdrive%\ntldr
%systemroot%\system32\hal.dll
%systemroot%\system32\kernel32.dll
%systemroot%\system32\ntoskrnl.exe
%systemroot%\system32\ntkrnlpa.exe
%systemroot%\system32\ntdll.dll
%systemroot%\system32\win32k.sys
%systemroot%\system32\winsrv.dll
%systemroo%\system32\drivers\etc\hosts
3.) Restore system state backup
4.) Copy the “WindowsFiles” back to the original location
5.) Reboot the system
6.) Install additional OS drivers
7.) Reboot 2 more times to confirm no issues

Scripts4Life
  • 39
  • 2

1 Answers1

3

You do not want to use the normal System State Restore procedures when dealing with Active Directory Domain Controllers nor can I find any reference to copying over all those System Files in the System Restore documentation; you might want to rethink that step for your other servers.

For Active Directory Domain Controllers you need to decide what kind of restore you are going to do (authoritative or non-authoritative), take special care to avoid any race conditions that could cause ugliness like a USN rollback and figure out how you are going to handle the FSMO roles if required.

If your infrastructure has at least one healthy Domain Controller the recommended restore procedure is to do a fresh install on a new machine, promote it and wait for Active Directory replication from your healthy Domain Controller to do the rest. No restore from System State backup or worse a VM snapshot/checkpoint is necessary.

If you no longer have any working Domain Controllers or you accidentally nuked a significant portion of your Active Directory things get substantially more complicated. Please read the relevant documentation and I recommend you engage with a Microsoft support engineer to help unless you are very familiar with the process. Also once you have finished your restore, you should investigate why your Active Directory design is not robust enough to sustain a failure of a Domain Controller or two or why you haven't started using Active Directory Recycle Bin respectively.

Please see:

Restore Process with a Working Domain Controller

Restore Process Without a Working Domain Controller

  • This restoration case would be for a single domain controller that has failed catastrophically and original hardware won't boot. In this case I would be restoring to a dissimilar standby server in cases where the original hardware has failed. Typically larger businesses have multiple domain controllers and dedicated backup servers. The scenario I am interested in solving is very small businesses with a single server without such saving graces where restoration to standby server is needed, but only system state and files are available. – Scripts4Life Feb 11 '15 at 06:00