Contents
Overview 1
Recovering from Disasters in a
Windows 2000 Network 2
Repairing a Network Server 3
Restoring Active Directory 10
Restoring Active Directory Objects 12
Rebuilding a Network Server 15
Lab A: Implementing Disaster Recovery
for Active Directory and Windows 2000 16
Best Practices 24
Review 25

Module 10:
Implementing Disaster
Recovery

Information in this document is subject to change without notice. The names of companies,
products, people, characters, and/or data mentioned herein are fictitious and are in no way intended
to represent any real individual, company, product, or event, unless otherwise noted. Complying
with all applicable copyright laws is the responsibility of the user. No part of this document may
be reproduced or transmitted in any form or by any means, electronic or mechanical, for any
purpose, without the express written permission of Microsoft Corporation. If, however, your only
means of access is electronic, permission to print one copy is hereby granted.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any

Lead Product Manager: Sandy Alto
Group Product Manager: Robert Stewart Module 10: Implementing Disaster Recovery iii

Introduction
This module provides students with the knowledge and skills to repair member
servers and domain controllers and recover data if a network disaster should
occur. Students will learn how to use advanced startup options and the
Recovery Console. Students will also learn how to restore Active Directory
™

directory service and specific Active Directory objects.
In the hands-on lab in this module, students will perform recovery procedures
on servers. They will install the Recovery Console and use it to repair a system
file. They will restore the system state data on a domain controller (which
includes Active Directory). Students will also restore specific Active Directory
objects by performing an authoritative restore.
Materials and Preparation
This section provides you with the materials and preparation needed to teach
this module.
Materials
To teach this module, you need the following materials:
?? Microsoft® PowerPoint® file 1558A_10.ppt

Preparation
To prepare for this module, you should:
?? Read all the materials for this module.
?? Complete the lab.

the command that an administrator can use to repair servers. If time permits,
start the Recovery Console and show students the commands. Finally,
present information on the system state data. Emphasize that it defines the
configuration of the operating system on a computer.
?? Restoring Active Directory
In this topic, present information on restoring Active Directory on a domain
controller. Mention that when you restore the system state data, you restore
Active Directory and the Sysvol folder. Emphasize that Active Directory
cannot be running when you restore Active Directory files.
?? Restoring Active Directory Objects
In this topic, present information on restoring individual Active Directory
objects. First, present information on an authoritative restore. Define it and
explain how it is used. Emphasize that by marking Active Directory objects
as authoritative, the objects are assigned the highest update sequence
number (USN) in Active Directory. Next, present the steps for performing
an authoritative restore. Emphasize that an administrator must not restart the
domain controller after restoring the system state data and before starting
Ntdutil.exe. If an administrator did restart the domain controller, replication
would probably change the object just restored.
?? Rebuilding a Network Server
In this topic, present the method for rebuilding a network server. This topic
provides a checklist to organize the different steps required for rebuilding a
server. Different courses in the Microsoft Official Curriculum (MOC)
present the detailed content for these steps. These courses include course
1556A, Administering Microsoft Windows 2000, course 1557A, Installing
and Configuring Microsoft Windows 2000, and this course, 1558A,
Advanced Administration for Microsoft Windows 2000.
Module 10: Implementing Disaster Recovery v

?? Lab A: Implementing Disaster Recovery for Active Directory and

?? Create the OU manually, and then create some objects in it.

Lab Results
Performing the labs in this module will install the Windows 2000 Recovery
Console on student computers.

You can run
C:\MOC\Win1558A\Labfiles\Lab10\Setup\Lab10Rm.cmd to remove most
configuration changes introduced during the labs in the module. To remove the
Recovery Console, delete the Cmdcons folder and edit C:\Boot.ini to remove
the line that refers to the Recovery Console.

Important
Important
Module 10: Implementing Disaster Recovery 1

Overview
? Recovering from Disasters in a Windows 2000 Network
? Repairing a Network Server
? Restoring Active Directory
? Restoring Active Directory Objects
? Rebuilding a Network Server
? Best PracticesDisaster recovery involves the efforts by administrators to reduce the time that a
computer is nonfunctional in the event of a network disaster. Network disasters
can be caused by power outages, virus attacks, fires, and hardware and software
failures. A nonfunctioning server or domain controller is particularly damaging
to your organization because your network resources, including Active

Recovering from Disasters in a Windows 2000 Network
Rebuild a Server
Rebuild a Server
Rebuild a Server
Format
FormatFormat
Data
Data
Repair a Server
Repair a Server
Repair a Server
Advanced Startup
Options
Advanced Startup
Options
Recovery Console
Recovery Console
Restoring System State
Data
Restoring System State
Data
Restore Active Directory
Restore Active DirectoryRestore Active Directory
Restore Active
Directory Objects
Restore Active Restore Active
Directory ObjectsDirectory Objects
OU
OU
OU

can perform to recover from
a network disaster.
Lead-in
Windows 2000 minimizes
downtime for network
computers and the
resources that reside on
them by providing you with
the capability to recover
from the different types of
network disasters that may
occur in your network.
Do not go into detail on this
topic, because the content
will be covered in
following topics.
Module 10: Implementing Disaster Recovery 3

? Repairing a Network Server
? Using Advanced Startup Options
? Using the Recovery Console
? Using Windows Backup to Restore the System
State DataYou need to repair a failed server that does not start as soon as possible so that
the resources stored on the server are not lost or made unavailable to users for
extended periods. Any downtime caused by a failed server reduces the
productivity of your organization. Windows 2000 provides several methods and
utilities to repair a failed server, including the use of alternative startup methods

Creates a log file that references the device driver
and system services
Safe Mode
Safe Mode
Loads basic services and drivers
Loads basic services and drivers
Safe Mode with
Networking
Safe Mode with
Networking
Enables networking and loads basic services and drivers
Enables networking and loads basic services and drivers
Safe Mode with
Command Prompt
Safe Mode with
Command Prompt
Starts a command prompt instead of the graphical user
interface and loads basic services and drivers
Starts a command prompt instead of the graphical user
interface and loads basic services and drivers
Enable VGA Mode
Enable VGA Mode
Loads the basic VGA driver
Loads the basic VGA driver
Last Known Good
Configuration
Last Known Good
Configuration
Uses the last good configuration to start the computer
Uses the last good configuration to start the computer

of the device drivers and system
services that the system loads (or
does not load). This log file
(Ntbtlog.txt) is located in the
systemroot folder (by default,
C:\Winnt).
You can start
Windows 2000, but
problems occur during
startup. Reviewing this log
file will help you diagnose
startup problems.
Safe Mode Loads only the basic services and
drivers that are required to start the
computer, including the mouse,
keyboard, mass storage device
drivers, base video, and the standard,
default set of system services. This
allows you to bypass nonessential
services and drivers. This option also
creates a Ntbtlog.txt log file.
A nonessential service or
driver does not function
correctly and prevents
Windows 2000
from starting.

Slide Objective
To describe the different
advanced startup options.


The Ntbtlog.txt file is a log
file that can be created by
using different advanced
startup options.
Module 10: Implementing Disaster Recovery 5

(continued)
Option Description Select when

Safe Mode
with
Networking
Enables networking in addition to
loading what Safe Mode loads. This
option creates a Ntbtlog.txt log file.
The conditions for Safe
Mode exist, but you also
need network access (for
example, to connect to a
shared folder on
another computer).
Safe Mode
with
Command
Prompt
Starts a command prompt instead of
the graphical user interface in
addition to loading what Save Mode
loads. This option creates a

Allows you to start Windows 2000 on
a domain controller without starting
Active Directory. You can then
restore and maintain Active Directory
(and restore the Sysvol folder). You
can only repair or restore Active
Directory if it is offline.
You need to restore
Active Directory.
Debugging
Mode
Sends debugging information through
the serial port to another computer.
When other startup options
do not allow you to fix the
problem. This option should
only be used by individuals
who have the technical
skills to do advanced
troubleshooting or who are
following the instructions of
a technical support
professional. The Safe Mode and Safe Mode with Command Prompt options do not
function on a domain controller. These two options do not start the Net Logon
service, which must be running in order for you to log on using a user account
in Active Directory.


For more information about the repair tasks that you can perform by
using the Recovery Console, see appendix F, “Recovery Console Commands,”
on the course 1558A, Advanced Administration for Microsoft Windows 2000,
Student Materials compact disc.

Slide Objective
To explain what the
Recovery Console is and
when to use it.
Lead-in
If you cannot start
Windows 2000 normally or
by using the advanced
startup options, then you
can use the
Recovery Console.
Delivery Tip
If time permits, demonstrate
starting and using the
Recovery Console. Display
the list of commands.
Key Points
The Recovery Console is a
minimal version of the
Windows 2000 operating
system that an administrator
can use to start a computer
when all other startup
options fail. An administrator
can use the commands that