ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

HELP !! DR on OU in AD

2003-04-03 12:11:38
Subject: HELP !! DR on OU in AD
From: "Consiglio, Tony" <consigli AT BUFFALO DOT EDU>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Thu, 3 Apr 2003 12:11:35 -0500 
Hello,
        I was wondering if anyone might help shed some light on these
questions. I can not find a specific answer anywhere

Scenario:
        - Using TSM 5.1x
        - also tried using NTBackup on W2K DC
        - 12 DC's - all DC's are fine, AD NOT corrupt, syncing just fine.
        - One OU (nested or otherwise) appears to be corrupt in AD. I need
to restore "just that OU" not the entire AD

Questions:
        1.) Is the only way to restore a bad/corrupt OU, to use NTDSUtil and
run through the command lines to do an"Authoritative  restore of that
particular "SUB-Tree"? (ie.. ntdsutil:> authoritative restore - restore sub
tree [location]- quit.

        Example: The rest of the AD is fine...However, for some reason an
Admin feels that OU is corrupted...  After troubleshoot we decide to restore
just that OU.
                a.) Can I assume at this point, that this corrupt OU has
Sync'ed across the AD?
                b.) If not: what are my options?
                c.) If so: What are my options then? (Do I have to do any
cleanup in the AD anywhere, first?)
                d.) Is there any other way to restore a corrupt OU in the AD
other than using NTDSUtil?


2.) If we have determined that we need to restore just a corrupt OU, "How"
and "Where" do I restore that "OU" from?? (I ask  this because even in
NTBackup, when you do a restore, all you see is the "system state" object
called "AD". Nothing allows  you to drill down to a "specific" OU and select
"just that" OU to restore back to a DC. So how do I "find" the OU I need to
restore into AD from Tape? or from any backup media.....
                a.) Do I have to do an "entire AD  restore
"authoritatively", to get back one OU? [I know that the NTDSUtil allows the
ability to restore just a single OU, but  where am I getting that "good OU
data and/or object" from?]

3.) Assuming I now know where to get the good OU object data from, and
assuming that the corrupt OU has sync'ed across AD,  which DC do I chose to
put into DR mode (F8) and restore the good OU data to? [Given the fact  that
the rest of the AD is fine (I surly "DO NOT" want to fat finger the entire
AD by doing an Authoritative restore in the  wrong place and causing more
issues)].

Any and all help would be great.

Thanks
Tony

********************************************
Anthony F.Consiglio
Senior Systems Analyst II
Network Engineer, LAN Systems
Tel: 645-7340, FAX: 645-3543
E-MAIL: consigli AT buffalo DOT edu
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Windows 2000 - not backing up all drives, Rushforth, Tim
Next by Date:  Re: Sum of inactive versions, bbullock
Previous by Thread:  Exchange 2000, Mark Morrison
Next by Thread:  Re: HELP !! DR on OU in AD, Rushforth, Tim
Indexes:  [Date] [Thread] [Top] [All Lists]