Upgrade to remove ads
Server Chap 4 - 3 book
Terms in this set (40)
AD Recycle Bin
enables you to restore deleted AD objects w/o complexity of rebooting a DC computer in DSRM
When was Recycle Bin available?
WS2008R2 but only by command line
Recycle bin is enabled at forest or domain level?
If objects that you need to restore were deleted prior to enabling Recycle Bin you will need to use what?
What is the default value when you enable AD recycle bin
How do you modify recycle bin value?
change msDS-deletedObjecLifetime attribute using Set-ADObject or ldp.exe
Where can you access AD Recycle Bin?
What can't you restore with AD Recycle Bin?
child objects if a parent object is deleted; Restore parent then restore child object
AD is backed up when you perform a backup of____
server's system state which occurs when you back up all critical volumes on a DC.
What is the primary tool used to backup AD?
Windows Server Backup
Is Windows Server Backup installed by default?
How do you install Windows Server Backup
Add Roles and Features wizard
How can you configure objects from being deleted?
Edit the Object properties.
What is the simplest way to recover deleted AD objects?
AD Recycle Bin
If forest is at WS2003 or WS2008 forest functional level can Recycle Bin be used?
If AD Recycle Bin is not available how do you restore an object?
Restart computer in DSRM and perform authoritative restore
How can you modify the tombstone life of authoritative restore?
ADSIEdit or Set-ADObject
Where should you perform an authoritative restore?
server that holds Global Catalog role
What happens when you mark an object for authoritative restore?
the version number of the object is incremented higher that the version that applies to the deleted object
Where can you use authoritative restore?
-objects in domain directory partitions- objects can be restored on any DC in domain
-objects in application directory partitions - These objects need to be restored on DC that host that specific application directory application (if application directory partition is deleted completely then the restoration must occur on the computer that holds the domain-naming operations master role
-objects in configuration directory partitions - can be restored on and DC in the forest
How do you start a DSRM restore?
run msconfig.exe, select Boot tab, Safe Boot option with Active Directory Repair. Need DSRM password
How do you reset DSRM password?
ntdsutil "Set DSRM Password" "Reset Password on server NULL" quit quit
Steps to perform authoritative restore?
- locate most recent system backup
- restart DC in DSRM mode and enter password
- use Windows Server Backup to restore the system state data
- use ntdsutil with "authoritative restore" option to restore the item
restore object Neptune from the OU Planets in the domain contoso.com
ntdsutil "authoritative restore" "restore object cn=Neptune, ou=Planets, dc=contoso, dc=com" quit quit
What do you need to do if you want to restore all objects underneath OU?
ntdsutil "authoritative restore" "restore subtree OU=Planets, dc=contoso, dc=com" quit quit
When are non-authoritative restores appropriate?
when the AD database has been corrupted and needs to be recovered
Do you use a non-authoritative restore to recover a deleted item?
No. If you do the object will be overwritten with replication changes.
Performing a full system reovery on a DC functions in a similar way to performing a _____. When the recovered DC boots, all changes that have occurre in AD since the backup was taken ____ existing info in the DB.
non-authoritative restore, overwrite
What is tombstone reanimation
Use ldp.exe utility to modify attributes of deleted objects
What can you use to determine which backup contains the items you want to authoritatively restore?
possible to export objects from snapshot and reimport with this tool
AD Recycle Bin is ___ on a per-___ basis and can't be _____
enabled, forest, disabled
Minimum requirement for AD Recycle Bin
Forest functional level of WS2008R2
How long do objects stay in AD Recycle Bin?
How can you modify AD Recycle Bin lifetime?
msDS-deletedObjectLifetim attribute using Set-ADObject or ldp.exe
Do items recovered from AD Recycle BIn retain their original attributes?
If you just enabled AD Recycle BIn can you restore items previous to it being enabled?
What gets backed up in AD database?
system state data of DC
How do you perform a recovery if AD Recycle Bin has not been enabled?
authoritative restore from DSRM.
Should you perform authoritative restores on Global Catalog server?
YOU MIGHT ALSO LIKE...
Alice Chapter 1
Exploring Computer Science - Ch 1 & 2 Test
OTHER SETS BY THIS CREATOR
VMware Chap 8
CCNA 2: Chap 1 Routing Concepts