Active Directory Disaster Recovery using Windows Server Backup – Part 2

This is part 2 of a 3 part post.  Part 1 gave a brief outline as to why I’m doing this and part 3 is where we actually hose our A.D (in a test environment obviously!) and complete a restoration.

So in this post we will use Powershell to create an immediate one-time back-up that we can use to restore Active Directory in the event of a catastrophic disaster.

As a quick side-note, we can also do this using the GUI in Server backup but where would be the fun in that?

1 – I thought I’d include a separate back-up of the GPO’s just as an extra precaution as it’s so easy to do.  One thing to bear in mind is that the actual GPO links will not be backed up, nor will any WMI filters that you have created.

As we are using Powershell version 2.0 we need to manually import the module that we require with:

import-module grouppolicy

We can then back-up all of our GPO’s to the location specified by the path parameter:

DR1 - Backup GPOs

2 – The next task is to import the ServerManager module with import-module servermanager

DR2 - Import ServerManager Module

3 –  Next, install Windows server backup which happens to be a Windows Feature:

DR3 - Add-ServerBackup

4 – Finally, load the snap-in and we’re good to go:

DR4 - Load Snapin

5 – We will create a new backup policy called DRPol and add the Bare Metal Recovery option to it.  This option sets the system volume to a full image backup:

DR5 - Add Baremetal

6 – Next we’ll add the System State as a backup option:

DR5a - Add SystemState

7 – And finally the VSS options.  An important note here: if you already have a back-up solution in place, ensure that you use the parameter of -VSSCopyBackup.  If you don’t (as in this example) use the parameter of -VSSFullBackup

DR5b - Add VSS

8 – Bear in mind that there are also other file \ folder options we could add to our back-up policy if we needed to and you may wish to explore the full powershell help files.  Next we create a variable that will hold the back-up destination.  I chose a share on another DC in this example:

DR6 - Add Backup target

9 – Now assign the back up destination to the policy:

DR7 - Add Backup target to the policy

10 – And finally, run the back-up as a one time command:

DR8 - Run onetime backup

 

11 – Just for kicks, here is what our back-up looks like in the GUI of Windows Server Backup:

gui

 

In part 3 of this article we will implement a restoration of Active Directory following a disaster situation.

 

 

Be the first to comment

Leave a Reply

Your email address will not be published.


*