My test is pretty simple. I used NTBackup to backup the system state (but nothing on the file system since AD is in the system state; that's right, right?), deleted an OU, performed a restore of the system state, then used ntdsutil to perform an authoritative restore. But no joy.
Here are the steps I followed:
1. Backed up system state on DC1
2. Deleted OU1
3. Rebooted into DS Restore Mode and performed a restore of the system state on DC1
4. Without rebooting, I ran ntdsutil -> authoritative restore -> restore database
5. It goes through, updating the USN's, and says it completed successfully.
6. I reboot into normal mode, check AD, but OU1 isn't there.
So, I tried the same thing on another OU, but I rebooted after the restore to see if that would help. I rebooted back into DS Restore Mode, not normal mode. Process says it completed, but still no OU1 when I'm back in normal mode.
I tried it a 3rd time by using the 'restore subtree "ou=ou1,dc=domain,dc=com" option instead of the full database restore. It said it found 3 objects (which was correct) and updated their USN's, but they're still not there when I boot back into normal mode.
The restore of the system state shows no errors and when I look at the ntds.dit file it's a different size, so it appears to be restoring ok. And the ntdsutil command says it's successful. Is there something I'm missing?
The two DC's are SP4, btw.
TIA
List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
