Disaster recovery of a remote Windows computer (includes non-authoritative and authoritative restore of Active Directory for a domain controller)

You can perform disaster recovery on a remote computer attached to the media server. This procedure will restore your computer's operating system to its pre-disaster state and will restore your data files, except those protected by one of the Backup Exec agents.

If any of your data is protected by Backup Exec agents, review the overview of the agents before you begin disaster recovery.

See Backup Exec agents and options.

If your system is protected by Backup Exec for Windows Servers Intelligent Disaster Recovery (IDR), you should use IDR for disaster recovery.

See About the Intelligent Disaster Recovery Option.

The procedure described in the following section allows you to manually recover a computer not protected by IDR.

You will need the following:

Always log on to Windows using the Administrator account or its equivalent during this procedure.


If you recover a Windows Server 2008 computer that has BitLocker encryption enabled, you must re-enable BitLocker encryption following the restore.

See Microsoft's documentation for more information on BitLocker drive encryption.

To manually recover a remote Windows computer

  1. At the remote computer, install the original version of Windows.

    This basic Windows installation is necessary to provide Backup Exec with a target to which it can restore the system. The computer name, Windows directory and the file system (such as NTFS) must be the same as the previous Windows installation. This basic installation will later be overwritten by the backed up version, which will restore your system configuration, application settings, and security settings.

    If you are recovering from an entire hard disk failure, use Windows setup to partition and format the new disk during installation.

    Format the partitions with the same file system as before the failure, as follows:

    • If the system was in a specific domain or workgroup, do not join the domain or workgroup at this time.

    • If you are recovering a domain controller, do not perform the domain controller installation process at this time.

  2. At the media server, install the Backup Exec Remote Agent to the remote computer.

    See Installing the Remote Agent for Windows Systems.

  3. Start Backup Exec for Windows Servers.

  4. From the navigation bar, click Devices, and then inventory the media containing the latest full backup of the computer to be recovered.

    See Inventorying media.

  5. Catalog the media containing the latest full backup of the computer to be recovered. If the subsequent differential/incremental backups are on separate media, catalog those also

    See Cataloging media while reviewing devices or media.

  6. From the navigation bar, click Restore, and then select all sets from the full and incremental backups that contain logical drives on the hard disk. If differential backup sets are to be restored, select only the last differential set. Make sure you include System State or Shadow Copy components as part of the restore selections.

  7. On the Properties pane, under Settings, click General, and then select the following options:

    • Restore over existing files

    • Restore security

    • Preserve tree

  8. On the Properties pane, under Settings, click Advanced, and then select the appropriate options.

    See Advanced options for restore jobs.

    If you are restoring a computer that is the only domain controller in the domain or the entire domain is being rebuilt and this is the first domain controller, select the option Mark this server as the primary arbitrator for replication when restoring folders managed by the File Replication Service, or when restoring SYSVOL in System State.

  9. Click Run Now.

  10. After the job completes, restart the remote computer.

    Your computer's operating system is now restored to its pre-disaster state. Your data files have been restored, except those protected by Backup Exec database agents.

  11. Continue with one of the following:

    If you are performing an authoritative restore

    go to step 12.

    If you are not performing an authoritative restore

    the recovery is complete.

  12. At the remote server, press <F8> during startup.

    A menu appears that allows you to diagnose and fix system startup problems.

  13. Select Directory Services Restore Mode.

  14. At the media server, start Backup Exec.

  15. From the navigation bar, click Restore.

  16. Select System State (Windows 2000/XP) or Shadow Copy (Windows 2003/2008 or Windows Vista) components as the restore selections.

  17. From the Properties pane, under Source, select Resource Credentials.

  18. Highlight the restore selection for the remote server and click New.

  19. Create a new logon account for this restore job. The account should have administrator privileges on the remote server.

  20. Select the new logon account and click OK.

  21. Run the Restore job.

    At the remote server:

  22. At this point, you can either choose to restore the entire Active Directory, or specific objects from the Active Directory:

    Restore the entire Windows 2000 or Windows 2003 Active Directory by performing the following:

    • Open a command prompt.

    • Type NTDSUTIL and press Enter.

    • Type Authoritative Restore and press Enter.

    • Type Restore Database, press Enter, click OK and then click Yes.

    See Microsoft's documentation for running NTDSUTIL on Windows 2008.

    Restore specific objects from the Active Directory by performing the following:

    • Open a command prompt.

    • Type NTDSUTIL and press Enter.

    • Type Authoritative Restore and press Enter.

    • Type Restore Subtree "ou=<OU Name>.dc=<domain name>,dc=<xxx> (without the quotation marks), and then press Enter, where <OU Name> is the name of the organizational unit you want to restore, <domain name> is the domain name the OU resides in, and <xxx> is the top level domain name of the domain controller, such as com, org, or net. You can do this as many times for as many objects you need to restore.

  23. Once you have finished restoring Active Directory information, exit NTDSUTIL.

  24. Restart the computer.

More Information

Restoring data by setting job properties

Manual disaster recovery of Windows computers