Active Directory How-To

How To Back Up Active Directory System States

Why use third-party tools when all you need to get the job done can be found in Windows?

Before you can restore a file, folder, account, system state, etc., you have to back it up first. That would seem logical, but when you need to restore, it is not the time to realize that your backup has not been working or is corrupt. In this article, we will look at backing up the Active Directory System State. This is not meant to be a step-by-step intensive guide. We will look at the basics of how to get started. There are many third-party backup programs that will do the job nicely, but Windows has some built-in tools that work as well.

Windows Server Backup is not installed by default. You can install it using the Add Features option in Server Manager or from PowerShell. In order to add the feature using PowerShell, do the following:

  • Launch Powershell as an administrator on the server you wish to install the feature
  • Type the command, Add-Windowsfeature Windows-Server-Backup –Includeallsubfeature

The components that make up system state data depend on the server roles that are installed on the server. The system state data includes the following at a minimum plus additional data depending on the server roles installed.

  • Registry
  • COM+ Class Registration database
  • Boot files
  • Active Directory Certificate Services (AD CS) database
  • Active Directory database
  • SYSVOL directory
  • Cluster service information
  • Microsoft Internet Information Services (IIS) metadirectory
  • System files that are under Windows Resource Protection
  • Active Directory Federation Services

Backing up Active Directory in Windows Server 2012 R2 using PowerShell is now easier because of the Windows Server Backup cmdlets that are included with PowerShell. You can schedule backups to happen at specific intervals or you can perform a one-time backup. First, we will look at performing a one-time backup, but we will look at scheduling later. Wbadmin is the built-in command for backing up the system state. The wbadmin command replaced the ntbackup command.

(NOTE: You will not be able to recover backups that you created with ntbackup by using wbadmin. A version of ntbackup that will allow you to recover backups that you created using ntbackup is available for download from Microsoft. This downloadable version of ntbackup allows you to perform recoveries only of legacy backups and cannot be used to create new backups.)

The first thing that you will need to do if you haven't done so already is to install the Windows Server Backup feature.

To perform a backup of the system state, do the following:

  • Log into the domain controller as an administrator
  • Open PowerShell
  • Run the command wbadmin start systemstatebackup -backupTarget:<VolumeName>
    • (i.e. wbadmin start systemstatebackup -backupTarget:f:)

Make sure that you create the backup volume on a dedicated internal or external hard drive. A network shared folder cannot be used as a backup target for a system state backup. If you want to store a system state backup on a network shared folder, you would have to initially backup to a local volume and then copy the backup to the network shared folder.

Once you have your backup procedure in place and tested, you can create scheduled task to run the backup on a regular basis. You can use the Windows Backup Snap-in in the MMC to create a schedule to run backups at different times on different days, you can use Task Scheduler.

To use Task Scheduler and the Wbadmin command to create a backup schedule, do the following:

  • Click Start , click Administrative Tools , and then choose Task Scheduler .
  • In the Actions pane, choose Create Task .
  • On the General tab, give the backup a name select the Run with highest privileges check box.
  • On the Actions tab, choose New , and then do the following:
    • In the Actions drop-down list, click Start a program .
    • In Program/script , type: %windir%\System32\wbadmin.exe
    • In Add arguments , type the arguments that you wish to use with the wbadmin command.

As with any backup, it is important to store it in a safe place. If a catastrophic disaster destroys your data center, you want to make sure that you have your backups in a safe off-site location. Keep the following in mind when you are backing up system state data:

  • You must be an administrator or a backup operator to back up files and folders.
  • You can only back up the system state data on a local computer. You cannot back up the system state data on a remote computer.
  • You can also use the Backup wizard to back up system state data.
  • Store your backups in a secure location.

About the Author

Troy Thompson has worked in network administration for over 25 years, serving as a network engineer and Microsoft Exchange administration in Department of Defense, writing technology articles, tutorials, and white papers and technical edits. Troy is a Cisco Certified Academy Instructor (CCAI), and has numerous other certifications including CCNA, MSCE+I, Network+, A+ and Security+. Troy has also traveled the world playing music as the guitarist for the band Bride. Contact information is [email protected].


comments powered by Disqus

Subscribe on YouTube