U-Move backs up, restores, and migrates Active Directory environments

Move It!

Restore Without Complications

Next, I deleted various organizational units and user, computer, and group policy objects from my environment and proceeded with the Restore , which lets you reinstate an earlier state of the AD on a DC that is still functional. If you want to restore the AD on a newly installed replacement machine, the wizard offers the Clone tab.

In the first step, you are allowed to choose between a Simple restore or Comprehensive restore , which also restores additional information, such as the databases of application servers, if desired. In my case, the Simple restore was fine because I only needed to restore the AD, including the SYSVOL share.

In terms of possible sources for a restore, U-Move proved to be extremely flexible (Figure 2). As an alternative to a BKF file or a previously unpacked staging folder, a volume shadow copy of the local hard disk, a backup data set of the Windows server backup at a local or remote location, or the hard disk of a system that is no longer bootable were available for selection. In the case of a no longer bootable system, a physical or virtual hard disk, an image file obtained with third-party tools, or otherwise extracted data would be eligible. U-Move recovers data in almost any scenario as long as the original DC's data is still readable under the C:\Windows, C:\Users, and C:\ProgramData paths. For installations in deviating paths, the online help describes in detail what information the restore requires.

Figure 2: U-Move uses various sources for the restore.

In the next step, I decided to restore a BKF file and specified the path to my archive, followed by an empty staging folder. The wizard unpacked all the data contained in the backup into this folder, showing an overview of the backup contents on the filesystem. The wizard skipped the configuration of IP addresses and target directories as part of the simple restore.

In the dialog step that follows, you have to decide between an Authoritative Restore or Non-authoritative Restore . In the case of the third option, Normal Restore , U-Move would merge the contents of the SYSVOL shares of several DCs in the case of inconsistent DFS replication – an undertaking that the manufacturer explicitly warns against in the GUI and in the online help under the Normal Restore is Abnormal head. Because I wanted to reinstate an earlier state of my AD database, I opted for the first option, the Authoritative Restore . Again, once I pressed Finish to start the operation, U-Move restored the backup in less than a minute and triggered a reboot. Afterward, I could see for myself that U-Move had restored the AD to its previous state without any complications.

Flexible Backup According to Schedule

The third tab, Schedule , lets you configure a regular backup on a schedule, either daily at a specific time, weekly on a specific day, or on a user-defined schedule. You are also allowed to choose whether the backup is to run in the context of the local system or under a different user account, which has the advantage that this user can interactively follow the progress of the backup if they are logged in at the appropriate time. Furthermore, a user with appropriate permissions can also write the backup directly to a network share, which the local system itself is not able to do.

In this case, I specified the destination path for the backup and how many version levels I wanted U-Move to keep. By default, the tool keeps the last 14 backups. As with a manual backup, you have options for password-protecting the backup and for configuring notifications when the task is complete by local or remote system messages and email.

These scheduled backup options are also provided in the Advanced section in the sidebar. Once the configuration is completed, U-Move automatically creates a scheduled task. Afterward, the new Cancel the scheduled backup option appears in U-Move's Schedule Wizard for removing the task, if so desired. Alternatively, the scheduled task could simply be deleted manually with on-board Windows tools.

Move DCs by Cloning

All the scenarios on the Clone tab assume that the original DC is no longer accessible, and the recovery targets another machine on the same or a different network. U-Move differentiates between the fastest possible recovery on the same network in the context of disaster recovery, a planned migration to a replacement machine, copying to an isolated test environment, and migrating to a cloud or another network segment. The scenarios differ primarily in the recovery steps that U-Move recommends but, more importantly, in whether or not the recovery adopts the IP address and other network settings from the original system.

In my tests, I installed a machine with a different name and IP address on the local network parallel to the DC, without joining it to the domain. After shutting down the DC, I installed U-Move on the new system and set about restoring from the BKF file, which was similar to the restore process before.

However, the wizard now asked additional questions about handling the network settings. I decided to use the option I am replacing the old domain controller on the same network. Copy the IP addresses, and I was then prompted to review and confirm the IP address and DNS settings of the original system stored in the backup. U-Move then took care of everything else automatically, installing all the Windows components necessary for operation in DC mode and restoring the AD database, SYSVOL share, and DNS server. After the obligatory reboot, the server booted with the identity of the original DC, and the AD environment was back on track in no time.

A second restore of the domain in a completely separate test environment also went ahead without complications. In this case, I wanted to duplicate the AD on a virtual machine (VM) in the Microsoft Azure cloud away from the local network. There, too, I had installed U-Move and started the clone wizard. This time I selected the option I am cloning the domain controller to an isolated test lab. Do not copy the IP addresses ; then, I only had to intervene with the VM's network settings manually and configure local loopback address 127.0.0.1 as the primary DNS server and the Azure cloud's external DNS server as the secondary because U-Move did not change the network settings as instructed. Apart from that, this process was also fully automated, and after rebooting the machine, I had an identical clone of the production AD.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus