Active Directory

Install DC from Media in Windows Server 2003

How do I install a Replica Domain Controller from a previous backed-up media on my Windows Server 2003 server?

First make sure you read and understand Active Directory Installation Requirements. If you dont comply with all the requirements of that article you will not be able to set up your AD (for example: you dont have a NIC or youre using a computer thats not connected to a LAN).

Note: This article is only good for understanding how to install an ADDITIONAL DC in an EXISTING AD Domain. For any other scenario please read the How to Install Active Directory on Windows 2003 page.

Sponsored Content

What is “Inside Microsoft Teams”?

“Inside Microsoft Teams” is a webcast series, now in Season 4 for IT pros hosted by Microsoft Product Manager, Stephen Rose. Stephen & his guests comprised of customers, partners, and real-world experts share best practices of planning, deploying, adopting, managing, and securing Teams. You can watch any episode at your convenience, find resources, blogs, reviews of accessories certified for Teams, bonus clips, and information regarding upcoming live broadcasts. Our next episode, “Polaris Inc., and Microsoft Teams- Reinventing how we work and play” will be airing on Oct. 28th from 10-11am PST.

Install from Media

In Windows Server 2003 a new feature has been added, and this time its one that will actually make our lives easier… You can promote a domain controller using files backed up from a source domain controller!!!

This feature is called “Install from Media” and its available by running DCPROMO with the /adv switch. Its not a replacement for network replication, we still need network connectivity, but now we can use an old System State copy from another Windows Server 2003, copy it to our future DC, and have the first and basic replication take place from the media, instead of across the network, this saving valuable time and network resources.

What you basically have to do is to back up the systems data of an existing domain controller, restore that backup to your replica candidate, use DCPromo /Adv to tell it to source from local media, rather than a network source.

This also works for global catalogs. If we perform a backup of a global catalog server, then we can create a new global catalog server by performing DCPromo from that restored media.

IFM Limitations

It only works for the same domain, so you cannot back up a domain controller in domain A and create a new domain B using that media.

Its only useful up to the tombstone lifetime with a default of 60 days. So if you have an old backup, then you cannot create a new domain controller using that, because youll run into the problem of reanimating deleted objects.

To backup the existing System State on an existing domain controller

  1. To start Backup, click Start, point to All Programs, point to Accessories, point to System Tools, and then click Backup.
  2. The Backup or Restore Wizard starts by default, unless it is disabled. You can use this wizard or go to the next step to work in Advanced Mode.
  3. Click the Advanced Mode link on the Backup or Restore Wizard.
  4. Click the Backup tab, then click the box next to System State and any other items you would like to backup.

To restore the System State on the future domain controller

  1. Copy your backup-up System State file from the first DC to the server where you want to perform the process. You can do this by copying the file via the network, burn it to CD and copy it to the server, or if you want, just restore it on the original DC but point the restore path to a mapped network drive that is actually a shared folder on the potential new DC.
  2. Run NTBACKUP from the Run menu. Click the Restore tab, then click the box next to System State.

  1. In the “Restore files to” box select “Alternate Location”. In the “Alternate Location” type your designated restore path. This could be a folder on one of your HD. I used C:\Backup. Click Start Restore.
  2. A warning window will appear. Click Ok.

  1. A Confirm Restore window will appear. Click Ok.

  1. A Restore Progress window will appear. Let it finish. Click Close.

Note: You can only use old System State backups no older than 60 days, and that is because of the Tombstone attributes involved.

To create an additional domain controller

  1. Click Start, click Run, and then type dcpromo /adv to open the Active Directory Installation Wizard with the option to create an additional domain controller from restored backup files.

The /adv switch is only necessary when you want to create a domain controller from restored backup files. It is not required when creating an additional domain controller over the network.

  1. On the Operating System Compatibility page, read the information and then click Next.
  2. If this is the first time you have installed Active Directory on a server running Windows Server 2003, click Compatibility Help for more information.
  3. On the Domain Controller Type page, click Additional domain controller for an existing domain, and then click Next.

  1. On the Copying Domain Information page, do one of the following:
  2. Click Over the network, and then click Next.
  3. Click From these restored backup files, and type the location of the restored backup files, or click Browse to locate the restored files. I used C:\Backup. Click Next.

Note: When choosing the option to copy domain information over the network, all directory data for the domain in which this domain controller will be a member will be copied over your network connection. You will have the option to cancel non-critical replication, if necessary.

When choosing the option to copy domain information from restored backup files, you will need to first back up the System State data of a domain controller running Windows Server 2003 from the domain in which this member server will become an additional domain controller. Then, the System State backup must be restored locally on the server on which you are installing Active Directory. To do this using Backup, choose the option Restore files to: Alternate location.

If a domain controller that was backed up contained an application directory partition, the application directory partition will not be restored on the new domain controller.

If the domain controller from which you restored the System State data was a global catalog, you will have the option to make this new domain controller a global catalog.

  1. On the Network Credentials page, type the user name, password, and user domain of the user account you want to use for this operation, and then click Next.

The user account must be a member of the Domain Admins group for the target domain.

  1. On the Database and Log Folders page, type the location in which you want to install the database and log folders, or click Browse to choose a location, and then click Next.

  1. On the Shared System Volume page, type the location in which you want to install the Sysvol folder, or click Browse to choose a location, and then click Next.

  1. On the Directory Services Restore Mode Administrator Password page, type and confirm the password that you want to assign to the Administrator account for this server, and then click Next.

Use this password when starting the computer in Directory Services Restore Mode.

  1. Review the Summary page, and then click Next to begin the installation.

  1. Restart the computer.

Related Topics:

External Sharing and Guest User Access in Microsoft 365 and Teams

This eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

You will learn:

  • Who should be allowed to be invited as a guest?
  • What type of guests should be able to access files in SharePoint and OneDrive?
  • How should guests be offboarded?
  • How should you determine who has access to sensitive information in your environment?

Sponsored by: