AD and Server system recovery

From Directory Services Restore Mode you can choose whether to do an authoritative or
non-authoritative restore of the Active Directory database.
During a normal restore operation, Backup operates in non-authoritative restore mode.
This means that any data you restore, including Active Directory objects, will have their
original update sequence number. The Active Directory replication system uses this
number to detect and propagate Active Directory changes among the servers in your
organization. Thus, any data that is restored non-authoritatively will appear to the Active
Directory replication system as though it is old, which means the data will never be
replicated to your other servers. Instead, if newer data is available from your other
servers, the Active Directory replication system will use this to update the restored data.


Following is the procedure to recover from a system failure using ASR: ( note that ASR only backup necessary system data that can recover a system, and it doesn't backup user data; thus this is not need to be routine backup plan)
1. Collect the following:
1. The Windows 2003 CD-ROM.
2. The ASR floppy disk.
3. The ASR backup media.
2. Boot from the Windows 2003 CD-ROM.
3. Press F2 at the beginning of text mode setup, when prompted.
4. When prompted, insert the ASR floppy disk.
5. Follow the on-screen instructions.
6. Continue to follow the on-screen instructions


A: System State - The System State data includes the registry, COM+ Class Registration
database, files under Windows File Protection, and system boot files. Depending on the
configuration of the server, other data may be included in the System State data. For
example, if the server is a certificate server, the System State will also contain the
Certificate Services database. If the server is a domain controller, Active Directory and
the SYSVOL directory are also contained in the System State data.
C: NETLOGON is used for backward compatibility with Windows NT 4.0 and Windows
9x computers that do not have the Active Directory client software installed.
D: NTDSutil is used to recover deleted objects in Active Directory by marking those
objects as authoritative, following a normal, or non-authoritative, restore of the System
State with the Backup Utility. The ntdsutil command is used to perform an authoritative
restore of Active Directory. The ntdsutil is used to mark the restored Active Directory database as authoritative.

- Configure Volume shadow copy and deploy client software to user via GPO
Volume shaow copies are used to provide copy data at a given point in time.
To use shadow copies, client computers need special software installed.
The Previous Versions Client can be installed through a Windows Installer Package
that is located on your Windows Server 2003 machine in \system32\clients\twclient\
of the systemroot directory (typically named WINDOWS).After it is installed, this
tool enables users to access previous versions of files that were included in a shadow
copy.
You can deploy the Previous Versions Client installation package through Group Policy.


When performing a backup, the Windows Server 2003 Backup utility by default creates a
volume shadow copy, which is a duplicate of the volume at the time the copy process
began. This enables the Backup utility to back up all selected files, including those that
are currently open by users or the operating system. Because the Backup utility uses a
volume shadow copy, it ensures that all selected data is backed up and any open files are
not corrupted during the process. If "Disable Volume Shadow Copy" check box is checked, files that is open or in use is skipped when the backup is performed.