Well, the other day I saw this in an official Microsoft doc and it had to be tested. It refers to being able to take snapshots of our Active Directory, for the simple fact of taking it to another computer and performing some tests with LDAP tools for example, or to see how our Active Directory was doing at any given time, in case we have to do an authoritative AD restore and we don't know what an object or container is called (HTTP://www.bujarra.com/?p=1593), or to use with ADrestore to find out what a Tombstone is called (HTTP://www.bujarra.com/?p=1567)… In any case, it is not advisable to have many snapshots that are not going to be used due to loss of performance.

Well, ahora veremos una pequeña diferencia con el otro tipo de restauración, esta es una restauración autoritativa. Para realizar esta restauración es obligatorio haber realizado antes una restauración no autoritativa (HTTP://www.bujarra.com/?p=1582). Con esta restauración lo que realizamos es una replicación de los objetos que acabamos de restaurar a los otros controladores de dominio, indicando que ‘nuestro’ Directorio Activo es el origen de la réplica. Para realizar está restauración, no debemos reiniciar el servidor DC tras la restauración no autoritativa.

GOOD, In this document we will see how we can restore our Active Directory backup in case we need it to recover from a catastrophe. To do this,, We will need a backup of the system state (HTTP://www.bujarra.com/?p=1574) or a full copy of the server. This is called performing a non-authoritative restore of Active Directory, since we will not indicate which objects we want it to forcibly replicate to the other domain controllers.

It is worth explaining well, how to make a backup of our Active Directory in case at any given time we need to restore objects from it, are users, Ous, Printers… This document explains how to install backup software from Microsoft, since NTBackup has not been continued, but with a new utility called “Windows Server Backups”.