What are authoritative and non-authoritative Active Directory restores?
What are authoritative and non-authoritative Active Directory restores?
Rating:
There are two general methods of restoring Active Directory from the backup media: authoritative and non-authoritative.
Authoritative restore makes the computer authoritative over other domain controllers. Data restored authoritatively in a computer takes precedence over other domain controllers' data, despite the fact that the restored data is older than the current replicas. Authoritative restore is typically used to restore a system to a previously known state. The NTDSUTIL command-line tool allows authoritatively restoring the entire directory, a subtree, or individual objects, provided they are leaf objects.
A non-authoritative restore results in the restored data (which may be outdated) becoming synchronized with the data on other domain controllers through replication.
Rating:
Other articles
- What is MLGPO?
- How to restart Active Directory Domain Services?
- How to add a forward lookup zone on a Windows Server 2008 DNS server?
- What is LDIFDE?
- What is the function of the msDS-MaximumPasswordAge element of the fine-grain account lockout policy