|
Hopefully you read this before
Vacation! I got it working thanks for your
help.. I was my fault, I was doing to many test at once on VM machines. I
started over from scratch and it worked perfect. Thanks! Mike From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier,
Guido Make absolutely sure that you type the DN correctly – I just
noticed you have a SPACE between “user,” and “ou=it” – if you
entered the DN this way, it wouldn’t work… P.S.: won’t read the posts for the next two weeks since I’m taking
off for vacation tomorrow. /Guido From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Mike Hogenauer Guido Yes, I took a backup of the
system state, rebooted into DSRM -> ran ntbackup and restored the system
state, went to NTDSUTIL and then tried my “Auth Res” and it still failed.
Which is why I’m confused. I actually have read the article
you wrote in your hyperlink, and I know you read these post so I was actually
hoping to get your opinion. I will try again – and let you
know what happens. Thanks, Mike From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Grillenmeier, Guido Mike, can you be a little more specific about the steps that you took
to do your restore? This should work fine using the ntdsutil ->
authoritative restore -> restore object “Cn=test user,
ou=it,dc=mycorp,dc=com” command. Obviously provided you previously took a
backup, rebooted to DSRM mode and have restored the AD DB (SystemState) to the
DC – the Auth Restore needs to happen right after the restore of the
SystemState, prior to the reboot of the DC. Check out the whitepaper I wrote with Gil (http://www.netpro.com/media/pdf/NetPro_ADDR_Guide.pdf).
Pages 11 to 13 walk you through how to do an Auth. Restore of objects, and
since you have R2 (includes SP1), you can go right to page 21 to see how to
recover potentially missing links of your recovered object (such as group
membership etc.). Hope you don’t have a multi-domain environment and are
heavily relying on cross populating domain local groups in all the domains in
your forest – this adds extra headaches for the recovery of the links (also
described in the whitepaper). /Guido From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Mike Hogenauer I’ve been asked to write a Disaster recovery doc for our
company. I’m trying to delete a single user account and do an
authoritative restore of that account. (in a test environment of course) Before I deleted the test account I used adsiedit to verify
the path to the account. Cn=test user, ou=it,dc=mycorp,dc=com From Directory restore mode, I can start the Authoritative
restore but it always fails with: Could not find object with the failed DN: failed on component
“cn=test user”. Authoritative restore failed Error 800ffff parsing input – illegal syntax? I’ve reviewed http://support.microsoft.com/?id=840001
and it says I must use quotes – either way it fails. I’ve even tried the workaround described in here: http://support.microsoft.com/?kbid=886689
Suggestions? Environment: Windows 2003 R2 Thanks in advance Mike |
