1 / 38

Active Directory Maintenance, Troubleshooting, and Disaster Recovery

Active Directory Maintenance, Troubleshooting, and Disaster Recovery. Lesson 11. Skills Matrix. Performing an Offline Defragmentation. Restart your domain controller, and press F8 after the BIOS information is displayed.

Download Presentation

Active Directory Maintenance, Troubleshooting, and Disaster Recovery

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Active Directory Maintenance, Troubleshooting, and Disaster Recovery Lesson 11

  2. Skills Matrix

  3. Performing an Offline Defragmentation • Restart your domain controller, and press F8 after the BIOS information is displayed. • Select Directory Services Restore Mode (Windows Server 2008 domain controllers only), and press Enter. • Select the Windows Server 2008 operating system, and press Enter. Lesson 11

  4. Performing an Offline Defragmentation (cont.) • Log on to Windows Server 2008 with the local Administrator account. This account is defined in the local computer database, not the Domain Administrator account. • From the Start menu, key cmd to open a Command Prompt window. • Key ntdsutil, and press Enter. Lesson 11

  5. Performing an Offline Defragmentation (cont.) • Key files, and press Enter. • Key info, and press Enter to view the current location of the Active Directory data files. • At the files prompt, key the following command, replacing drive and directory with the destination path for the compacted database: compact to drive:\directory Lesson 11

  6. Performing an Offline Defragmentation (cont.) • Press Enter to initiate the creation of a new ntds.dit file in the specified directory. • Key quit, and press Enter to exit the Ntdsutil utility. Key quit again to return to the Command Prompt window. • Copy the new ntds.dit file from the directory you specified earlier to the current Active Directory database path, which is C:\Windows\Ntds by default. Lesson 11

  7. Moving the Active Directory Database and Log Files • As a precaution, back up the volume containing the Active Directory database. • Click Start, click Administrative Tools, and then click Services. The Services MMC snap-in is displayed. • Right-click Active Directory Domain Services, and click Stop. Lesson 11

  8. Moving the Active Directory Database and Log Files (cont.) • Click Yes to stop the additional services. • From the Start menu, key cmd to open a command prompt window. • Key ntdsutil, and press Enter. • Key files, and press Enter. Lesson 11

  9. Moving the Active Directory Database and Log Files (cont.) • Key info, and press Enter to see the current file information for the Active Directory database and logs. • At the files prompt, key the following command, replacing drive: and directory with the destination path where you will move the database: move DB to drive:\directory Lesson 11

  10. Moving the Active Directory Database and Log Files (cont.) • Press Enter to move the database to the new location. • To move the Transaction log files, key the following command at the files prompt: move logs to drive:\directory Lesson 11

  11. Moving the Active Directory Database and Log Files (cont.) • Press Enter to complete the command. • Key quit, and press Enter twice to exit the Ntdsutil utility and command line. • From the Services MMC snap-in, right-click Active Directory Domain Services, and click Start. Lesson 11

  12. Moving the Active Directory Database and Log Files (cont.) • Wait a few seconds, and then refresh the Services MMC snap-in to confirm that the additional services have restarted successfully. Lesson 11

  13. Performing a Manual Active Directory Backup • Log on to the domain controller as the default Administrator or a member of the Backup Operators group. • On the Start menu, click Administrative Tools, and select Windows Server Backup. The Windows Server Backup window is displayed. Lesson 11

  14. Performing a Manual Active Directory Backup (cont.) • In the right pane, select Backup Once. • Because you have not configured scheduled backups, the only available option is the Different Options radio button. Click Next to continue. Lesson 11

  15. Performing a Manual Active Directory Backup (cont.) • If you are backing up to a local device, select Custom, and click Next. • Ensure that the destination volume has been deselected, and click Next. Lesson 11

  16. Performing a Manual Active Directory Backup (cont.) • Select a local drive or remote shared folder to store this backup, and click Next. • In the Backup Destination drop-down box, select the appropriate backup destination, and click Next. • Select one of the listed backup types, and click Next. Lesson 11

  17. Performing a Manual Active Directory Backup (cont.) • To begin the backup process, click Backup. • When the backup is complete, click Close. Lesson 11

  18. Configuring Scheduled Active Directory Backups • Log on to the domain controller as the default Administrator or a member of the Backup Operators group. • On the Start menu, click Administrative Tools, and select Windows Server Backup. • In the right pane, select Backup Schedule. • Click Next. Lesson 11

  19. Configuring Scheduled Active Directory Backups (cont.) • If you are backing up to a local device, select Custom, and click Next. • Verify that the destination volume has not been selected, and click Next. • Select the time that you want the backups to take place, and click Next. Lesson 11

  20. Configuring Scheduled Active Directory Backups (cont.) • If your backup destination disk does not appear automatically, click Show All Available Disks. • Place a checkmark next to the destination, and click OK. • Place a checkmark next to the desired destination disk, and click Next. Lesson 11

  21. Configuring Scheduled Active Directory Backups (cont.) • Read the warning, and click Yes to continue. • Click Next to continue. • Click Finish to schedule the backup. The destination disk will be formatted automatically. • Click Close to return to the Windows Server Backup window. Lesson 11

  22. Performing an Authoritative Restore • Open a command prompt window. • Key ntdsutil, and press Enter. • From the Ntdsutil menu, key activate instance NTDS, and press Enter. Lesson 11

  23. Performing an Authoritative Restore (cont.) • Still working from the Ntdsutil menu,key authoritative restore,and press Enter. • To restore a single object, key restore object <ObjectDN>, and press Enter. • To restore a container and the objects it contains, key restore subtree <ContainerDN>, and press Enter. Lesson 11

  24. Performing an Authoritative Restore (cont.) • Click Yes to perform the authoritative restore. • Key quit, and press Enter twice to return to the command prompt. Lesson 11

  25. Performing an Authoritative Restore (cont.) • If back-links need to be restored, restart the domain controller in normal mode. • Open a command prompt, key ldifde –i –f <LDIF file name> -s <FQDN of the local DC>, and press Enter. • Close the command prompt window. Lesson 11

  26. Using the Reliability and Performance Monitor • Click Start, click Administrative Tools, and then click Reliability and Performance Monitor. • Drill down to Monitoring Tools, and click Performance Monitor. • From the Performance Monitoring console, click the green plus sign (+) on the menu bar. Lesson 11

  27. Using the Reliability and Performance Monitor (cont.) • In the Add Counters dialog box, select the computer from which you want to obtain data. • In the Performance Object list, select the performance object you want to monitor. Lesson 11

  28. Using the Reliability and Performance Monitor (cont.) • Select the counters you want to monitor. • If you want to monitor all counters, select the All Instancesbutton from the Instances of Select Object dialog box. • If you want to monitor only particular counters, select the appropriate instance. • Click the Add button. Lesson 11

  29. Using the Reliability and Performance Monitor (cont.) • When you are finished adding counters, click OK. • On the toolbar, you can change the display output to reflect graph, histogram, or report display by choosing the appropriate tool. Lesson 11

  30. Diagnosing and Troubleshooting Active Directory • 0 (None) • 1 (Minimal) • 2 (Basic) • 3 (Extensive) • 4 (Verbose) • 5 (Internal) Lesson 11

  31. You Learned • Active Directory has two defragmentation methods: online defragmentation and offline defragmentation. Online defragmentation is an automatic process triggered by the garbage collection process. Offline defragmentation is a manual process that requires the server to be restarted in Directory Services Restore mode. The Ntdsutil command-line utility is used to perform the offline defragmentation. Lesson 11

  32. You Learned (cont.) • The Active Directory database can be moved to a new location if you decide that there is a need to relocate it due to space limitations. This is accomplished with the Ntdsutil command-line utility. • When you back up Active Directory, you must include the System State data. The System State data includes operating system-specific information needed for installed services and operating system components to function. Lesson 11

  33. You Learned (cont.) • In the event of a domain controller failure, two restore options are available in Windows Server 2008: authoritative and nonauthoritative. An authoritative restore uses the Ntdsutil command-line utility and allows you to mark records that supersede any existing records during replication. Lesson 11

  34. You Learned (cont.) • The nonauthoritative restore method restores the Active Directory database to its state before the backup. After a normal restore, replication of more recent object information from other domain controllers is used to update the database to match all other domain controllers. Lesson 11

  35. You Learned (cont.) • Active Directory cannot be restored from a backup that is older than the default tombstone lifetime of 180 days. Domain controllers keep track of deleted objects only for the duration of the tombstone lifetime. Lesson 11

  36. You Learned (cont.) • When monitoring the health of Active Directory, you can examine the Directory Service log to obtain information. The Directory Service log is created when Active Directory is installed. By default, it logs informational events, such as service start and stop messages, errors, and warnings. Additional diagnostic logging can be achieved by modifying the registry. Lesson 11

  37. You Learned (cont.) • The Reliability and Performance Monitor in Windows Server 2008 allows you to collect real-time information on your local computer or from a specific computer to which you have permissions. This information can be viewed in a number of different formats that include charts, graphs, and histograms. Lesson 11

  38. You Learned (cont.) • The Reliability and Performance Monitor uses performance objects, or categories, and performance counters to organize performance information. Performance counters are the specific processes to monitor. Many counters are available. Lesson 11

More Related