Non-Authoritative Restore of System State Backup in Windows Server 2012 R2

How to perform Non-Authoritative Restore in Windows Server 2012 R2

Non-Authoritative restore is required to restore the System State backup. In the old post we learned the steps to take system state backup. In this post, we’ll learn the steps to perform non-authoritative restore in Windows Server 2012 R2. Non-Authoritative restore is primarily required for an environment in which we only have one Domain Controller. However, if you have multiple Domain Controllers then you can perform Authoritative restore. In the future post, we’ll show you the example of Authoritative restore. In addition to that we’ll also help you to understand the difference between Authoritative restore and Non-Authoritative restore.

Let’s assume a scenario, in which we have one Domain Controller and we created an OU named Sales. Within the OU we have created some domain users and we have also taken system state backup. Assume that one of the Administrators have deleted the sales OU and now we need to restore the same by using the System State Backup. Please take a note, we are assuming an environment in which we only have one Domain Controller and not multiple Domain Controllers.

Steps to perform Non-Authoritative Restore of System State Backup

1. To start with the process of restoring deleted OU. Open Run and type “msconfig”. It will allow us to boot the system in Directory Service Restore Mode (DSRM). Directory Service Restore Mode is a mode in which Active Directory doesn’t run. We set the Administrator password for DSRM mode while promoting a Domain Controller.

2. On System Configuration console, Select the Safe boot option under Boot options. Select Active Directory Repair, click on apply and Ok. It will boot the server in DSRM mode. Click on Apply and then click on Ok. Alternatively, you can restart the server and press F8 after the BIOS screen. Select Directory Services Repair Mode from the Advanced Boot Options and click enter for DSRM mode. It is must that you are in DSRM mode to perform non-authoritative restore.

3. To perform non-authoritative restore, open Windows Server Backup console in the restore mode and click on “Recover” to start the non-authoritative restore process.

4. On Getting Started console, select “This server” if the backup is stored on the same server or select “A backup stored on another location” if the backup is stored on some other location. Click on Next to continue.

5. On Select Backup Date console, select the date and time of system state backup that we are restoring. Click on Next to continue.

6. On Select Recovery Type console, you can select the recovery type. In this example we’ll select System State which we want to recover. Click on Next.

7. On Select Location for System State Recovery console, select “Orginal location“to perform non-authoritative restore. You can select “alternate location”, if you want to restore backup to alternate location. In the future articles, we’ll cover the usage of alternate location recovery. Click on Next to continue.

8. On Confirmation console, verify the recovery items and click on “Recover” to start the recovery process.

9. On Recovery Progress console, we can see the status of recovery progress.

10. After the recovery is completed. Before restarting the server, again run “msconfig” and uncheck the safe boot option. Otherwise, the server will again boot in DSRM mode.

11. After restarting the server, open Active Directory Users and Computers and verify that the OU that we deleted and all its users are restored successfully.

In the future article, we’ll cover the process of recovering deleted OU in multiple Domain Controller environment.