Friday, February 18, 2011

Authoritative and Non-Authoritative restore of an active directory

Non Authoritative  The default method of restoring an active directory is Non-Authoritative. This method will restore an active directory to the server in question and will then receive all of the recent updates from its replication partners in the domain. For example, a server that has a System State backup from two days ago goes down. A restore of the two-day old active directory would be performed and it would then be updated from the other domain controllers when the next replication takes place. No other steps would be required

Authoritative: This method restores the DC directory to the state that it was in when the backup was made, then overwrites all the other DC's to match the restored DC, thereby removing any changes made since backup. Authoritative restores do not have to be made of the entire directory, to restore only parts of the directory. When only parts of the active directory are restored, say an organizational unit, this information is pushed out to the remaining DC's and they are overwritten. However, the rest of the directory's information is then replicated to the restored DC's directory and it is updated

No comments:

Post a Comment