The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

How to backup and restore Active Directory in Windows Server

Download Windows Speedup Tool to fix errors and make PC run faster

Usually, we can restore the entire Windows Server using the Backup and Restore Wizard. However, to restore the Active Directory in Windows Server, we need to use a different method, which we will show in this post. So, if you want to backup and restore Active Directory, this post is for you.

Backup and restore Active Directory in Windows Server

Active Directory (AD) is Microsoft’s directory service. It runs on Windows Server and helps administrators manage permissions and access to network resources.

To backup and restore Active Directory in Windows Server, you need to follow the steps mentioned below.

  1. Remove the Shadow Copy limit
  2. Install the backup feature
  3. Create and configure backup schedule
  4. Restore Active Directory using the backup

Let us talk about them in detail.

1] Remove the Shadow Copy limit

First of all, we need to ensure that the Shadow Copy has no limit on the drive in which we are going to store our backup. If it has a limit, we are going to remove it. Follow the steps mentioned below to do the same.

  1. Open Server Manager.
  2. Go to Tools > Computer Management.
  3.  Now, go to disk where you want to store Active Directory’s backup, right-click, and click on Properties.
  4. Go to the Shadow copies tab.
  5. Select the drive and click on Settings.
  6. Now, check the Maximum Size option, it should be set to No Limits.

After removing the limit of the Shadow copy, move to the next step.

2] Install the backup feature

In order to take the backup, we need to install the backup feature. To do so, follow the steps given below.

  1. In Server Manager, go to Manage > Add Roles and features.
  2. Click on Next when the wizard pops up to get started.
  3. Make sure that the Role-based or feature-based installation option is ticked and click on Next.
  4. Click Next until you reach the Features tab.
  5. Scroll down and search for Windows Server Backup, tick it, and click on Install.

Wait for the feature to install and then move to the next step.

3] Create and configure backup schedule

backup and restore Active Directory in Windows Server

After installing the feature to take a backup, we will go ahead and schedule a backup of the Active Directory. Follow these steps.

  1. In Server Manager, click on Tools.
  2. Scroll down, find, and open Windows Server Backup.
  3. Click on Local Backup and then click on Backup Schedule. If you don’t want to configure the backup schedule, click on Backup once to take the backup copy instantly.
  4. After clicking on the Backup Schedule option, the Backup wizard will pop up where you need to click on Next.
  5. Click on Custom and then on Next.
  6. Click on Add items.
  7. Select System State to take the backup of the Active Directory. Click Ok and then on Next.
  8. You then have to specify a schedule for the backup and then click on Next.
  9. Select the destination of the backup, and make sure to set it to the folder where we have removed the Shadow Copy limit.
  10. Finally, click on Finish in the Confirmation tab.

This will create a backup schedule.

4] Restore Active Directory using the backup

If you click on the Restore button in the Backup and Recovery wizard and try to restore the backup, you will receive the following error message.

The backup contains Active Directory Domain Service which can be recovered only when the computer is started in Directory Services Restore Mode (DSRM). Retry the system state recovery operation from DSRM.

So, as evident from the error message, we are going to boot the system in DSRM and recover the Active Directory.

Follow the steps mentioned below to boot into DSRM and recover your Active Directory.

  • Start your computer in Active Directory Repair mode.
    • Open Run.
    • Type “msconfig” and hit Enter.
    • Go to Boot.
    • Tick Safe mode and select Active Directory repair.
  • Once the system boots up, we need to log in as the Local Admin, so, click on Other users, type “administrator”, and enter the password for that server. The password is exclusive to Active Directory, the one that you set during the initialization of Active Directory.
  • Now, open Server Manager, and click on Tools > Windows Server Backup.
  • Click on Local Backup and then click on Recover.
  • Select This Server and click on Next.
  • Then, select the backup that you want to restore with and click on Next.
  • You want to set the Recovery type as System state and start the recovery process.

The recovery process will take time but will restore your Active Directory.

That’s it!

Read: How to setup Branch Cache in Windows Server?

How to back up and restore Active Directory?

To take a backup of the Active Directory, you need to backup the System state. Similarly, when restoring it, you need to restore System State, but that is only possible in Active Directory Restore Mode. If you want to backup and restore Active Directory, we recommend you check out the aforementioned guide.

Read: How to delete Windows Server Backup Copies?

Can I restore a domain controller from backup?

To restore the Domain Controller, you need to perform a Non-Authoritative restore of the domain controller. This type of restore allows the entire directory to be restored on a domain controller without reintroducing or changing the objects that have been modified.

Also Read: Install, Uninstall, Reset Windows Server Backup.

Yusuf@TWC

Yusuf is an Engineering graduate from Delhi. He has written over 1000 technical articles and has knowledge of programming languages including Java, and C++, and technologies such as Oracle 12C and MsSQL. Troubleshooting Windows is his favorite past-time.