Monday, October 8, 2012

Windows Server 2008 AD Backup and restore

Before you can backup Server 2008 you need to install the backup features from the Server Manager.1. To install the backup features click StartServer Manager.


How to Backup and Restore Active Directory on Server 2008 - 1

2. Next click FeaturesAdd Features

How to Backup and Restore Active Directory on Server 2008 - 2

3. Scroll to the bottom and select both the Windows Server Backup and the Command Line Tools

How to Backup and Restore Active Directory on Server 2008 - 3

4. Click Next, then click Install

Backing up Server 2008 Active Directory

Now that we have the backup features installed we need to backup Active Directory. You could do a complete server backup, but what if you need to do an authoritative restore of Active Directory?
As you’ll notice in Server 2008, there isn’t an option to backup the System State data through the normal backup utility.

How to Backup and Restore Active Directory on Server 2008 - 4
So what do we do? We need to go “command line” to backup Active Directory.
1. Open up your command prompt by clicking Start and type “cmd” and hit enter.
2. In your command prompt type “wbadmin start systemstatebackup -backuptarget:e:” and press enter.
Note: You can use a different backup target of your choosing
3. Type “y” and press enter to start the backup process.

How to Backup and Restore Active Directory on Server 2008 - 5
When the backup is finished running you should get a message that the backup completed successfully. If it did not complete properly you will need to troubleshoot.

How to Backup and Restore Active Directory on Server 2008 - 6
Now you have a system state backup of your 2008 Server!

Authoritative Restore of Active Directory

So now what if you accidentally delete an OU, group, or a user account and it’s already replicated to your other servers? We will need to perform an authoritative restore of the Active Directory object you accidentally deleted.
1. To do this you will need to boot into DSRM (Directory Services Restore Mode) by restarting your server and pressing F8 during the restart.
2.Choose Directory Services Restore Mode from the Advanced Boot menu.


How to Backup and Restore Active Directory on Server 2008 - 7
3. Login to your server with your DSRM password you created during Active Directory installation.
4. Once you’re logged into your server and in DSRM safe mode, open a command prompt by clicking Start, type “cmd“, and press enter.
5. To make sure you restore the correct backup it’s a good idea to use the “wbadmin get versions” command and write down the version you need to use.


How to Backup and Restore Active Directory on Server 2008 - 8
6. Now we need to perform a non-authoritative restore of Active Directory by typing “wbadmin start systemstaterecovery -version:04/14/2009-02:39“.
Note: The version of backup will vary depending on your situation. Type “y” and press enter to start the non authoritative restore.
7. Go grab some coffee and take a break while the restore completes.


How to Backup and Restore Active Directory on Server 2008 - 9
8. You can mark the sysvol as authoritative by adding the –authsysvol switch to the end of the wbadmin command.


How to Backup and Restore Active Directory on Server 2008 - 10
9. But if you want to restore a specific Active Directory object then you can use the ever familiar ntdsutil.
For this example we are going to restore a user account with a distinguished name of CN=Test User,CN=Users,DC=home,DC=local. So the commands would be:
ntdsutil
activate instance ntds
authoritative restore
restore object “cn=Test User,cn=Users,dc=home,dc=local”
Note: The quotes are required


How to Backup and Restore Active Directory on Server 2008 - 11
10. Reboot your server into normal mode and you’re finished. The object will be marked as authoritative and replicate to the rest of your domain.

Using Active Directory Snapshots

There is a really cool new feature in Windows Server 2008 called Active Directory Snapshots. Volume Shadow Copy Service now allows us to take a snapshot of Active Directory as a type of backup. They are very quick to create and serve as another line of defense for your backup strategy.
With your server booted into normal mode open a command prompt by clicking Start, type “cmd“, and press enter.
We are going to use the ntdsutil again for creating the Active Directory snapshots. The commands are:
ntdsutil
snapshot
activate instance ntds
create
quit
quit

How to Backup and Restore Active Directory on Server 2008 - 12
So now that you have a snapshot of AD, how do you access the data? First we need to mount the snapshot using ntdsutil. The commands are:
ntdsutl
snapshot
list all
mount 1
— (Note: You should mount the correct snapshot you need; for this example there is only 1.)
quit
quit

How to Backup and Restore Active Directory on Server 2008 - 13
Your snapshot is mounted, but how do you access the data? We need to use the dsamain command to accomplish this. Then we need to select an LDAP port to use. The command is as follows:

dsamain –dbpath c:\$SNAP_200905141444_VOLUMEC$\WINDOWS\NTDS\ntds.dit –ldapport 10001
The result should look like this:


How to Backup and Restore Active Directory on Server 2008 - 14
Now we need to go to Start, Administrative Tools, then Active Directory Users and Computers.
Right click Active Directory Users and Computers and select Change Domain Controller.


How to Backup and Restore Active Directory on Server 2008 - 15
In the area that says < Type a Directory Server name [:port] here > enter the name of your server and the LDAP port you used when running the dsamain command.
For my example it would be: WIN-V22UWGW0LU8.HOME.LOCAL:10001


How to Backup and Restore Active Directory on Server 2008 - 16
Now you can browse the snapshot of Active Directory without affecting anything else negatively.

Your AD Backup Strategy

It’s always good to have a solid backup plan for your Active Directory. You can use a combination of backup strategies or just one of these methods for backing up your Active Directory.
Make sure you tailor your Active Directory backup strategy to meet your company’s needs and make it easy to recover if disaster does strike.

Tuesday, July 17, 2012

Windows XP Start Button Modify

Step 1 - Modify Explorer.exe File

In order to make the changes, the file explorer.exe located at C:\Windows needs to be edited. Since explorer.exe is a binary file it requires a special editor. For purposes of this article I have used Resource Hacker. Resource HackerTM is a freeware utility to view, modify, rename, add, delete and extract resources in 32bit Windows executables and resource files (*.res). It incorporates an internal resource script compiler and decompiler and works on Microsoft Windows 95/98/ME, Windows NT, Windows 2000 and Windows XP operating systems.
get this from h**p://delphi.icm.edu.pl/ftp/tools/ResHack.zip
The first step is to make a backup copy of the file explorer.exe located at C:\Windows\explorer. Place it in a folder somewhere on your hard drive where it will be safe. Start Resource Hacker and open explorer.exe located at C:\Windows\explorer.exe.
The category we are going to be using is "String Table". Expand it by clicking the plus sign then navigate down to and expand string 37 followed by highlighting 1033. If you are using the Classic Layout rather than the XP Layout, use number 38. The right hand pane will display the stringtable. We’re going to modify item 578, currently showing the word “start” just as it displays on the current Start button.
There is no magic here. Just double click on the word “start” so that it’s highlighted, making sure the quotation marks are not part of the highlight. They need to remain in place, surrounding the new text that you’ll type. Go ahead and type your new entry. In my case I used Click Me!
You’ll notice that after the new text string has been entered the Compile Script button that was grayed out is now active. I won’t get into what’s involved in compiling a script, but suffice it to say it’s going to make this exercise worthwhile. Click Compile Script and then save the altered file using the Save As command on the File Menu. Do not use the Save command – Make sure to use the Save As command and choose a name for the file. Save the newly named file to C:\Windows.

Step 2 – Modify the Registry

!!!make a backup of your registry before making changes!!!
Now that the modified explorer.exe has been created it’s necessary to modify the registry so the file will be recognized when the user logs on to the system. If you don’t know how to access the registry I’m not sure this article is for you, but just in case it’s a temporary memory lapse, go to Start (soon to be something else) Run and type regedit in the Open field. Navigate to:
HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows NT\ CurrentVersion\ Winlogon
In the right pane, double click the "Shell" entry to open the Edit String dialog box. In Value data: line, enter the name that was used to save the modified explorer.exe file. Click OK.
Close Registry Editor and either log off the system and log back in, or reboot the entire system if that’s your preference. If all went as planned you should see your new Start button with the revised text.[/b]

Monday, May 14, 2012