Active Directory is a namespace that can resolve objects like users, systems and services on a network

objects attributesschema

containerstree

forest

Source: http://technet.microsoft.com/en-us/library/bb742424.aspx

accidentally deleted •  Snapshot

side-by-side

•  Attribute Editor

Source: http://technet.microsoft.com/en-us/library/cc754544(v=ws.10).aspx Source: http://blogs.technet.com/b/industry_insiders/archive/2007/10/31/windows-server-2008-protection-from-accidental-deletion.aspx

Source: http://blogs.chrisse.se/2012/11/28/how-the-active-directory-data-store-really-works-inside-ntds.dit-part-4/

•  Discover what has changed incl attributes

•  1 DC virtualized and is gone

•  AD corruption gets replicated

•  Virtual Labs

•  DNS server – recovery versus see what it is

•  GPO – restore test in Virtual Lab

Delete FS01 | Un-Delete FS01

Universal Application Item Restore (U-AIR)

Setup backup job options

What is a Transaction Log (AD/EXCH/SQL)

vLOG 1 vLOG 2 vLOG 3 vLOG4

EDB.log

START MinLSN* Last checkpoint

END

Source: http://technet.microsoft.com/en-us/library/ms179355(v=sql.105).aspx

vLOG 3 vLOG 4

EDB.log

START MinLSN Last checkpoint

END

*: MinLSN is the log sequence number of the oldest log record that is required for a succesfull database-wide rollback.

Active Directory Files ntds.dit: AD Database edb.chk: checkpoint of commits temp.edb edb.log: transaction log All changes first to transaction Afterwards committed by database engine to ntds.dit

edbxxxxx.log: Auxiliary Log edb.log – full > writes to edb.temp > edb.log rename to edbxxxxx.log

edbres00001/2.jrs: alert when disk fills up Reserve files > when created error in system log > System Center

Source: http://www.omnisecu.com/windows-2003/active-directory/active-directory-files-and-functions.htm

Backup job process

DC01 DC02

DAY 1 1398 3251

DAY 2 1675 3564

DAY 3 1954 3871

RECOVERY 1398 ! 3871 !

RECOVERY 1955 3871