Performing Authoritative Restores from the Delayed-Rep DC
The process for performing an authoritative restore using this delayed-rep DC is also pretty straightforward. Again, there is one minor complication:
1. Reboot the delayed-rep DC into Directory Services Restore Mode (DSRM). You’ll need the DSRM password to log in; you do know it, right? (If not, you can reboot the DC normally, and then use Ntdsutil to set the DSRM password.)
2. Once you log on, use Ntdsutil to mark the desired objects as authoritatively restored (more on that in a moment).
3. Reboot the server into normal operation.
4. Force outbound replication from the delayed-rep DC to the rest of the organization.
In Authoritative what’s complicated…?
=> Use Ntdsutil to mark the desired objects as authoritatively restored……..
# This’s the complicated part this time.
>> First, because it’s Ntdsutil, and not many people know/use Ntdsutil.
>> Second, because you must know the full DN of the object or objects you want to mark as authoritatively restored.
# How to find full DN of an Object?
>> Fortunately, you can use ADSI Edit to help you find the full DN.
About Me
- Active Directory & Exchange
- Business Management from SMU University; Electronics & Communication Engineering; I’ve been keen to learn and focused on a domain where we have more pain, with an attitude and an aspiration to LEARN MORE & HELP Others. I’ve completed CNE (Novell), MCSE+Internet, MCSE+Messaging, CompTIA Server+, ITIL Foundation Essentials, Lotus Domino Certified (CLS), MCDBA while on the job practice, and my academics comprise Masters in Information Technology.