Missing Organisational Units after restore

baltej.giri · May 3, 2021, 7:09pm

Home Lab in Hyper-V Environment

I have setup similar labs as per Module 2: Active Directory & Identity with Windows Server. I am missing ‘Organizational units’ in Active Directory after I restored system state files from backups. Basically, I created a Active Directory lab on server 2019 then created OUs.

For testing purposes, I took system state backup using windows backup tool then I manually deleted organizational units. Therefore I did to restored the backup using following steps:

Booted server in safe mode with Active Directory Repair
In CMD wbadmin get versions to see backups
Started Recovery with webadmin start systemstaterecovery -version:[Insert your identifier here] -authsysvol
Went through questions from cmd then finally when process is completed, changed system configuration settings to boot normally.
Restarted server, In AD I am unable to see Organization units.

It’s been a roadblock in my learning! I need to get pass this.

ServerAcademy · May 4, 2021, 8:41pm

Are you sure that you took a backup after you created those OUs? It sounds like you’re doing everything right but either that data doesn’t exist in the backup or the backup isn’t successfully completing.

Try again - this time taking screenshots at each step.

baltej.giri · May 4, 2021, 8:57pm

Hello @ServerAcademy,

Thanks for your reply, I did restore the system state files twice and made sure I am not picking older backups. As as as errors I did not see any errors.

I will run the process third time and take screen shots at each steps.

ServerAcademy · May 4, 2021, 9:33pm

Ok got it. There can be a lot of variables when you run your own lab but we will figure it out and get it working!

baltej.giri · May 4, 2021, 10:26pm

@ServerAcademy,
I did re-run the restore process with the latest backup file. But I still can not see organization units there.

Created video for the whole recovery process, please find it here https://youtu.be/nqIpGCew088

ServerAcademy · May 5, 2021, 12:48am

Ok I see the issue you’re having. Let’s trying turning off DC02 when you do the recovery and make sure that it’s not being overwritten by DC02.

baltej.giri · May 5, 2021, 5:06am

@ServerAcademy Thank you first of all helping me along the way.

A Great News, I was able to recover OUs from backups. I basically turned off the DC02 in VM and then repeated the steps to recover the AD from backup as you mentioned. Now, I can see all the OUs.

baltej.giri · May 5, 2021, 8:38pm

@ServerAcademy I know the issue that i reported is not resolved. I still want to know why having 2nd DNS server online did caused the issue to not show Organization Units?

ServerAcademy · May 6, 2021, 1:38pm

The second DC is replicating its data to DC01. DC02 thinks that particular OU should be deleted - so when DC01 turns on, DC02 says “hey - thats an old OU and it was deleted so go ahead and remove it.”

When you turn off DC02, this doesn’t happen. I bet as soon as you turn it on the OU would disappear however. The authsysvol flag should negate this however.

See if your DC01 is authoritative:

This might be helpful: https://social.technet.microsoft.com/Forums/windowsserver/en-US/4119db73-455d-435a-b9d6-bc0e900328d9/sysvol-authoritative-restore?forum=windowsbackup

did some more research and you should be able to change to authoritative restore via:

change/create the following regkey REG_SZ “Sysvol” [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DFSR\Restore] “Sysvol”="authoritative"

change/create the following regkey REG_SZ " LastRestoreId" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\ SystemStateRestore] “LastRestoreId”="10000000-0000-0000-0000-000000000000"

to a higher value, so it will take precedence for example “60000000-0000-0000-0000-000000000000”, then run “net stop dfsr” and “net start dfsr”, the event viewer should state event id’s 2109, 2110 and 4106, 4108