Domain controller backing up

Hi!

First of all, URbackup is great piece of software. Congrats ! :slight_smile:

Second, is it possible to backup AD Domain Controller (system state) ?
What would be the best approach for backing up DC for full recovery ?

Thanks

UrBackup doesnt care about if its a DC or a generic Windows Machine.
Even though UrBackup supports the Windows Backup API in Version > 2.1. it should be fine to just create an Image Backup of the DC and restore it if the DC breaks.

Even if you get an offset like 24hrs, the restored DC should pull the lost AD/DHCP/DNS Data from your (hopefully existing) replication Servers.

If you dont have replication Servers i would highly recommend to buy a CBT liscence and do at least 2 or 3 images a day. [preferable one synthetic full image and 2 increments - more if needed; but this highly depends on the severity of your Environment and how much money you lose if you lose specific Data from the DC]
(mentioned Backups should work very fast with CBT)

So, image backup/restore of DC should work ok in version 2.0.38 ?
Can you please tell what “CBT” is ?

Thank you

Yes it will certainly work, as long as you obey the VSS prerequisites (enough space for shadow copies and shadow copy service is running and functional)

CBT means “change block tracking”.
It basically logs every block written to since the last backup.
That way, you dont have to compare files to your previously created images - the system already knows which data have been changed and just saves those change to a new incremental image.

See the urbackup homepage -> commercial for more info. (https://www.urbackup.org/commercial.html)
One licence is about 15€ or something (without tax) - its really nothing and saves tons of time.

So you’re telling that if I configure clients to do incremental file backup, they take hours because the have to check ALL files? :open_mouth:

1 Like

If you dont have CBT liscences yes.

The CBT tracks all changed blocks since the last backup and uploads those without checking (because the system already knows which blocks changed)

1 Like

So I would just transfer the VHD in the UrBackup folder to hyper-v and fire it up?

Are there additional steps for MBR and stuff like that?

Or better yet a link to documentation for this process?

Thanks,

The supported restore process for images is to recreate the VM (with the same hardware model) and then boot from the restore CD and follow the restore CD restore process.

aaaand… That brings us back to needing a local backup server onsite.

So realistically we can use UrBackup as an Internet based file recovery tool and onsite for full system and file based recovery?

But there doesn’t seem to be a way to avoid needing the onsite UrBackup server.

2.2.x will be able to do image backup restores via Internet client: UrBackup Server 2.2.0 beta/Client 2.2.0 beta/Restore 2.2.0 beta

You can also try the image assembly but others have reported that it does not work: https://www.urbackup.org/administration_manual.html#x1-9400010.7

1 Like

Sweet baby Jeeeebus!

If you get that working I’ll be migrating all of my clients to CBT. It’s not many clients but it’s all of them. :joy:

Restoring an image of a DC can give you big headaches, you might get away with it if it’s your only DC, if you have more than one bringing one online from a system image can be a complete disaster. In that situation you’re truly better off spinning up a new server install and promoting it.

You have to take special care restoring DCs even with the native windows server backup, it has to be restored in a way that tells it it’s data is out of date, so that replication happens the right way.

UrBackup will certainly back up a DC and restore it to the state it was when backed up… that may not be what you want though.

Thank you

Really, img restore of DC is headache!
Google and read first all about AD!
IMHO it must be one of first replays for this topic!

only some special scanario, when it possible -

  1. you have only 1 DC, then - no problem
  2. you have 1 DC as PDC, with GC, and FSMO roles, + DNS on it (imho, dedicated real hw srv),
    and some backup DC’s as VM’s.
    in that case - any fail of backup-DC VM’s = delete that VM, and clean install new VM with promote it
    and clean links to failed. If fails PDC - and you want restore it from img -
    first, shutdown ALL backup-DC VM’s and rename that’s VM’s dirs
    for 100% exclude accidently start any of them ever(!)
    I’m do not yet say delete that VM’s - that’s we can better do,
    when restore of PDC tested and confirmed as 100%
    Next, PDC is on and ok - make new VM’s for backup DC’s and promote them.
    ALL old VM’s must be deleted now as time-bomb -
    because it start = great, epic headache for you!

or, you must use backup products which knows, how to backup AD