Monday, September 15, 2014

Using Active Directory Snapshot and Dsamain Tool

A snapshot is a form of historical backup that captures the exact state of the directory service at the time the snapshot was taken. You can recover deleted AD objects from a snapshot you have taken, provided the object you want to recover was present when the snapshot was created.

Step 1: Creating an AD DS Snapshot

  1. Open the command prompt.
  2. Type ntdsutil and press Enter.
  3. Type snapshot and press Enter.
  4. Type activate instance ntds and press Enter.
  5. Type create and press Enter.
  6. You should get a successful creation message with a unique GUID for each snapshot; copy it.
  7. Exit from the command prompt, then delete the Dixit user that we created in the previous post from AD to test the snapshot.




Step 2: Mount an Active Directory snapshot

  1. Open a command prompt with Admin privileges and type ntdsutil (a command-line utility to manage the AD database).
  2. Type snapshot and press Enter.
  3. Type activate instance ntds and press Enter.
  4. Type list all and press Enter.
  5. Type mount <GUID> and press Enter, where <GUID> is the GUID returned by the create command in Step 1.
  6. Type quit and press Enter.
  7. Type quit and press Enter.
  8. Type the following command to expose your snapshot as an LDAP instance.
  9. Type dsamain /dbpath C:\$SNAP_datetime_volumec$\windows\ntds\ntds.dit /ldapport 44000 and press Enter (datetime is the timestamp in the mount path reported by the mount command).


Step 3: Explore a snapshot with Active Directory Users and Computers

  1. Switch to Active Directory Users and Computers. Right-click the console root and then click Change Domain Controller.
  2. Click <Type a Directory Server name[:port] here>, type seat2.mumbai.com:44000, and then press Enter. Click OK. (Replace the server name and port number with your own.)
  3. Double-click mumbai.com.
  4. Double-click the Sales OU.
  5. Locate the Dixit user account object. Note that the Dixit object is displayed because the snapshot was taken before the object was deleted. Great, you have done it.

Step 4: Unmount an Active Directory snapshot

  1. You can unmount the AD snapshot when it is no longer required. Open a command prompt with Admin privileges and type the following commands:
  2. Type ntdsutil and press Enter.
  3. Type snapshot and press Enter.
  4. Type activate instance ntds and press Enter.
  5. Type list all and press Enter.
  6. Type unmount guid and press Enter (replace guid with your snapshot GUID).
  7. Type list all and press Enter.
  8. Type quit and exit from cmd.
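
Steps 2 to 4 scripted end to end, as an added example that is not part of the original post: it mounts the snapshot, serves it with dsamain, checks whether an account exists in the snapshot and in the live directory, then stops dsamain and unmounts. It assumes the ActiveDirectory PowerShell module and Active Directory Web Services on the domain controller, and that ntdsutil reports the mount path as "mounted as <path>"; the parameter names are illustrative.

```powershell
# Added example: look up one object in an existing AD DS snapshot, then clean up.
# Run elevated on the domain controller where the snapshot was created.
param(
    [Parameter(Mandatory)] [string] $SnapshotGuid,   # GUID printed by "create" in Step 1
    [string] $SamAccountName = 'Dixit',              # the page's test user
    [int]    $LdapPort = 44000                       # port used on the page
)
$ErrorActionPreference = 'Stop'
Import-Module ActiveDirectory
$guid = '{' + $SnapshotGuid.Trim('{}') + '}'

# Step 2: mount. Assumption: ntdsutil reports "... mounted as <path>" on success.
$out = (ntdsutil snapshot 'activate instance ntds' "mount $guid" quit quit) -join "`n"
if ($out -notmatch 'mounted as\s+(\S+)') { throw "Mount failed:`n$out" }
$mountPath = $Matches[1].TrimEnd('\')

$dsamain = $null
try {
    # Serve the snapshot's ntds.dit over LDAP on the chosen port.
    $dit = "$mountPath\windows\ntds\ntds.dit"
    $dsamain = Start-Process dsamain.exe -PassThru -WindowStyle Hidden `
        -ArgumentList '/dbpath', $dit, '/ldapport', $LdapPort

    # Wait until the port answers instead of guessing a delay.
    $deadline = (Get-Date).AddSeconds(30)
    while (-not (Test-NetConnection localhost -Port $LdapPort -InformationLevel Quiet `
                 -WarningAction SilentlyContinue)) {
        if ($dsamain.HasExited -or (Get-Date) -gt $deadline) { throw 'dsamain is not listening.' }
        Start-Sleep -Seconds 1
    }

    # Step 3 without the GUI: same query against the snapshot and the live directory.
    $filter = "SamAccountName -eq '$SamAccountName'"
    $snap = Get-ADUser -Server "localhost:$LdapPort" -Filter $filter -Properties whenChanged
    $live = Get-ADUser -Filter $filter
    [pscustomobject]@{
        Account         = $SamAccountName
        InSnapshot      = [bool]$snap
        InLiveDirectory = [bool]$live
        SnapshotDN      = $snap.DistinguishedName
        SnapshotChanged = $snap.whenChanged
    }
} finally {
    # Step 4: always stop dsamain and unmount; the mounted ntds.dit is as
    # sensitive as the live database and should not stay exposed.
    if ($dsamain -and -not $dsamain.HasExited) { Stop-Process -Id $dsamain.Id -Force }
    ntdsutil snapshot 'activate instance ntds' "unmount $guid" quit quit | Out-Null
}
```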


If you encounter any error, kindly drop your query in the comment box.

1 comment:

  1. Hello, an amazing Information dude. Thanks for sharing this nice information with us.
    Basic Concept of Computer Network
