The recommended way of using Acronis Universal Restore to migrate Active Directory with Domain Controller to a new machine with dissimilar hardware
This article applies to:
- Acronis True Image Echo
- Windows Server 2003
(!) For Acronis Backup & Recovery 10 see Acronis Backup & Recovery 10: Migrating Domain Controller to Dissimilar Hardware.
The most regular issues with the Active Directory (AD) after the recovery and replication with other Domain Controllers are usually caused by Update Sequence Number (USN) rollback. In particular, because AD is a distributed system with time-expiring elements. See Microsoft Knowledge Base Article 875495.
The proper backup of all the AD elements is supported by the Windows native Ntbackup - system state backup - as stated in Microsoft Knowledge Base Article 888794.
Here is an extract from the article:
Active Directory does not support other methods to roll back the contents of Active Directory. In particular, Active Directory does not support any method that restores a snapshot of the operating system or the volume the operating system resides on. This kind of method causes an update sequence number (USN) rollback. When a USN rollback occurs, the replication partners of the incorrectly restored domain controller may have inconsistent objects in their Active Directory databases. In this situation, you cannot make these objects consistent.
This means that to have a consistent backup of a Domain Controller with fully functional AD, it is better to:
- Back up AD separately by Ntbackup;
- Restore this system state after the image recovery as described in Microsoft TechNet Chapter Active Directory Backup and Restore.
Migrating Domain Controller to dissimilar hardware is, however, a more complicated task, since during the recovery with Acronis Universal Restore new drivers are installed to the system to make it bootable. But restoring a system state after the migration overwrites the new drivers with old system state. As a result, the system will most probably fail to boot.
To avoid the possible issues, please proceed as described below:
Restore the backup to the new hardware using Acronis Universal Restore and adding new drivers. See Restoring to Dissimilar Hardware with Acronis True Image Echo Universal Restore
(!) On this step the drivers will be OK to boot in Windows, but AD might fail to replicate with other Domain Controller.
Disconnect any network connection before booting;
Start system in Active Directory Restore mode by pressing F8 during boot;
(!) If you cannot log into the system with your credentials, try logging in without specifying any password.
Restore the system state using Ntbackup. See Microsoft TechNet Chapter Active Directory Backup and Restore;
(!) On this step AD should be consistent after the system state recovery, but the old drivers will be restored. Hence, if attempted, the system will fail to boot;
Then do not boot Windows, but reboot the machine from Acronis Bootable Media and create an image of the system partition you have on the machine;
Finally, restore the system partition once again using Acronis Universal Restore and specifying the respective drivers once again.
Back up the system with Domain Controller using Ntbackup. See Backing Up and Restoring Active Directory Server with Acronis True Image;
Now mass storage device drivers, HAL and AD should be altogether working properly. You can start the Domain Controller and boot in Windows. It will be able to replicate with other Domain Controllers in the network.
Contact Acronis Customer Central if you have further questions or need assistance.