Windows Server 2008 R2 Unleashed (255 page)

option button and click Next to continue.

6. The next page presents the list of backups stored on the local dedicated backup disk.

Select the desired backup and click Next to continue.

NOTE

If no local backup disks exist, the administrator can select to use a different backup

ptg

and can then click the Advanced button to enable the network and connect to a net-

work shared folder that contains a valid backup, as detailed in the next section of

this chapter.

7. The following page lists which volumes are contained within the known backups.

Select the desired backup again and click Next to continue.

8. On the Choose Additional Restore Options page, check the Only Restore System

Drives check box, and click Next to continue. This leaves any other disks intact, but

any volumes that are hosted on the same disks that contain system volumes will be

formatted, re-created, and restored as well.

9. The next page details the date and time of the backup that will be restored, the

server that will be restored, and the volumes that are contained in this restore set.

Review the information and click Finish to continue with the recovery of the

system volumes.

10. A dialog box appears, stating that all drives selected will be restored with the data in

the system image; click Yes to approve this and continue.

11. The recovery time frame will vary depending on the size of the system volume, the

performance of the volume, and the restore disk or network share. After the recovery

completes, the system will automatically reboot.

12. After the system reboots, log on and verify functionality. If everything is back up

and running, run a full backup and log off.

1290

CHAPTER 31

Recovering from a Disaster

System Volume Recovery Using Network Shared Folder Backups

If the backup data is stored on a network shared folder, alternate recovery steps are

required to restore the system volume. If recovering a system volume from a network

shared folder, perform the following steps:

1. Boot up your system using the Windows Server 2008 R2 installation media. If neces-

sary, configure the BIOS to allow booting from the CD/DVD drive and, if prompted,

press a key to boot from the DVD.

2. When the Install Windows interface opens, select the correct language, time, and

keyboard settings, and click Next to continue.

3. On the next page, click the Repair Your Computer link located in the lower-left

corner of the window.

4. On the System Recovery Options page, the operating system drive that will be recov-

ered should be listed. If not, click the Load Drivers button, and install the necessary

hard drive controller files. If the system is listed, select the Restore Your Computer

Using a System Image That You Created Earlier option button located at the bottom

of the window, and click Next to continue.

5. If there is no local backup disk or volume, an error window will appear; click Cancel.

On the Select a System Image Backup page, click the Select a System Image option

ptg

button and click Next.

6. On the Select the Location page, click the Advanced button.

7. In the pop-up window, click on the Search for a System Image on the Network

button and confirm that you want to connect to the network and understand the

security implications.

8. Enter the UNC path to the network shared folder and click OK. When prompted,

enter the appropriate network credentials to access the backup folder.

9. Once connected, the window will list the backup stored on the specified network

folder. Select this backup and click Next to continue.

10. The following page lists which volumes are contained within the known backups.

Select the desired backup again and click Next to continue.

11. On the Choose Additional Restore Options page, check the Only Restore System

Drives check box, and click Next to continue. This leaves any other disks intact, but

any volumes that are hosted on the same disks that contain system volumes will be

formatted, re-created, and restored as well.

12. The next page details the date and time of the backup that will be restored, the

server that will be restored, and the volumes that are contained in this restore set.

Review the information and click Finish to continue with the recovery of the

system volumes.

13. A dialog box appears stating that all drives selected will be restored with the data in

the system image; click Yes to approve this and continue.

Recovering Role Services and Features

1291

14. The recovery time frame will vary depending on the size of the system volume, the

performance of the volume, and the restore disk or network share. After the recovery

31

completes, the system will automatically reboot.

15. After the system reboots, log on and verify functionality. If everything is back up

and running, run a full backup and log off.

Windows Complete PC Restore

In the event of a complete system failure, it might be necessary to restore a Windows

Server 2008 R2 system in its entirety. If this is the case, perform the same steps as a system

volume recovery, except on the Choose Additional Restore Options page, check the

Format and Repartition Disks check box and uncheck the Only Restore System Drives

check box. This restores all of the disks and also performs the disk partitioning, drive letter

assignment, and mounted volume configuration. If different size disks are provided, the

restore only partitions the disks based on the original size of the disk volumes. Smaller

disks cause the restore to fail, but larger disks can easily be extended after the recovery

completes successfully.

Complete PC Restore to Alternate Hardware

Microsoft does not officially support recovering Windows Server 2008 R2 systems to alter-

ptg

nate hardware. However, recovering a Windows Server 2008 R2 system to different hard-

ware can be accomplished—but it can be a very challenging and painful task. As a best

practice recommendation, if an organization has not or cannot standardize on server

hardware platforms or if systems will be used in production even when the hardware is at

its end of life or maintenance on a system has expired—consider moving critical physical

systems to virtual servers.

When a system is migrated to a virtual server, migrating or restoring that system to an

alternate host running on different hardware is fairly straightforward and simple, as long

as the different host systems run the same version of the virtualization host software.

Configuration files and disks created in Virtual PC 2007 or Virtual Server 2005 R2 will

move right over into Windows 2008 or Windows Server 2008 R2 Hyper-V virtualization,

but importing or restoring systems from alternate third-party virtualization software might

not work. If moving virtual systems between platforms is required, System Center Virtual

Machine Manager provides some functionality in this area. If virtualizing servers is on the

company road map, it is highly recommended to review the Hyper-V virtualization func-

tionality of Windows Server 2008 R2 as well as Microsoft Systems Center Virtual Machine

Manager. For more information about Microsoft virtualization solutions, see Chapter 37,

“Deploying and Using Windows Virtualization.”

Recovering Role Services and Features

Each particular role on a Windows Server 2008 R2 system can have very specific backup

and recovery procedures. As a general rule, though, performing full backups using

Windows Server 2008 R2 Windows Server Backup will enable the restore of a system to a

1292

CHAPTER 31

Recovering from a Disaster

previous point in time, including restoring all Windows Server roles, role services, features,

and configuration to that previously backed-up state. Most role services can be restored

using a System State recovery; however, a System State recovery cannot be restored in

part—only the complete System State can be restored.

Windows Server 2008 R2 System State Recovery

When operating systems become corrupt or unstable or a role service needs to be rolled

back to a previously backed-up state, the quickest and easiest way to perform this task is to

restore the System State. The System State can be backed up independently but is also

contained within a full server backup. To restore the System State on a Member Server

from a previous backup, perform the following steps:

1. Log on to the Windows Server 2008 R2 system with an account with administrator

privileges.

2. Click Start, click All Programs, click Administrative Tools, and select Windows

Server Backup.

3. In the Actions pane, select Recover to start the Recovery Wizard.

4. On the Getting Started page, select either to restore data previously backed up from

ptg

the local computer or a different computer. For this example, select This Server

(Servername), where
Servername
is the name of the server Windows Server Backup is

connected to, and click Next to continue.

5. On the Select Backup Date page, select the correct date and time of the backup you

will use to restore the data, and click Next to continue. Days with a successful

backup are formatted in boldface.

6. On the Select Recovery Type page, select the System State option button, and click

Next to continue.

7. On the Select Location for System State Recovery page, click the Original Location

option button and click Next to continue. If this system was a domain controller,

more options would be available, but that is covered later in this chapter.

8. On the Confirmation page, review the section and ensure that the check box to

automatically reboot the server to complete the recovery process is checked, and

then click Recover to start the process.

9. After the system reboots, log on to the server to verify functionality. If the system is

working properly, perform a full system backup.

Active Directory Recycle Bin Recovery

Let’s begin this section with a very clear statement: If you need to recover a deleted Active

Directory object and the Active Directory Recycle Bin was not enabled before the object

was deleted, skip this section and proceed to the “Active Directory Authoritative Restore”

section. Now if the Active Directory Recycle Bin feature was enabled before an Active

Directory object was deleted, follow the proceeding steps to recover objects using the

Recovering Role Services and Features

1293

Active Directory Recycle Bin. Before completing the following steps, you should know a

few important things:

31

. Restoring a deleted object using the Recycle Bin requires that the object’s distin-

guished name or object GUID is known.

. When restoring an object, the object will be restored into the original location,

unless the –TargetPath option is used. If the original location does not exist, the

restore will fail.

. Restoring a container or organizational unit using the Restore-ADObject cmdlet does

not restore any objects that were contained within the container or OU when it was

deleted. For this functionality, either all objects need to be restored after the contain-

er or OU is restored or a domain controller can be booted into DSRM and an author-

itative restore can be performed using the Restore Subtree option.

Now, if you know that an object was mistakenly deleted and it should be recovered, the

following steps can be followed. For this example, we will restore a user account named

Khalil Droubi. To discover the properties of this deleted object, we will use the Get-

ADObject cmdlet and will filter based on the name of Khalil. Also, when running the Get-

AdObject cmdlet, using the –properties switch will expand the attributes listed for the

query or search results. To restore a single deleted user object, perform the following steps:

ptg

1. Log on to the Windows Server 2008 R2 domain controller system with an account

with domain administrator privileges.

2. Click Start, click All Programs, click Accessories, click the Windows PowerShell

folder, right-click on Windows PowerShell, and select Run As Administrator.

3. Type cd \ and press Enter.

4. Type Import-Module ActiveDirectory and press Enter.

5. Type Get-Command *AD* -CommandType cmdlet and press Enter. This returns all of

the Active Directory-related cmdlets and also returns a few more cmdlets not related

to Active Directory.

6. Type Get-ADObject –Searchbase “CN=Deleted Objects,DC=Companyabc,DC=com”

–Filter * -IncludeDeletedObjects and press Enter. This returns all of the deleted

Active Directory objects on the local domain controller in the companyabc.com

domain to the PowerShell window with a default list of attributes.

7. Because we are trying to restore a deleted user account named Khalil Droubi, we can

filter the previous command by typing Get-AdObject –Searchbase”CN=Deleted

Objects,DC=Company,DC=com” –LdapFilter “Name=*Khalil*”

–IncludeDeletedObjects and pressing Enter. This command returns all of the

deleted objects that contain Khalil in the name.

8. As stated previously, if the deleted object will be restored to the original location, as