The Belated Active Directory Corruption Post, or Cover Your Ass
So almost two weeks ago I had a power outage and my Active Directory got corrupted. I only have one server in my house that serves as my domain controller, Exchange server, and SQL server. That basically meant that I was a tad bit on the "extremely screwed" side. There are lessons to be learned, however. I shall attempt to explain the biggest one that I personally took home from this experience.
For the past six years I have always had what I would consider to be an extremely effective backup solution in place on my home network. I'd use Windows' built-in NTBACKUP utility to back up the network shares that contained user-created data (Word docs, development projects, pictures, journals, etc.). I took great comfort in the fact that at 2:00am every Saturday morning all of these shares would get backed up to a share onĀ another computer - usually my own workstation. Once every three months I'd burn these backups off to CD (and eventually DVD) and send them off-site. This seemed like a pretty effective solution to me and indeed - it always proved to be reliable.
What I never knew is that the NTBACKUP utility can be used to back up what is called "system state". This basically translates to "all the vital stuff Active Directory needs to function properly". If you have a backup of your system state, you can recover from things like Active Directory corruption. In my case, the Active Directory files and the log files were both corrupted, so I was literally helpless. I needed to create a completely new domain, reinstall Exchange, recreate all my mailboxes, and the whole nine yards.
The moral of the story is that if you have a relatively quiet domain like mine here at home, you should be backing up your system state about once a month. If you have a domain where users and permissions are changing rapidly, a daily backup is more than warranted.
For those who are not familiar with the NTBACKUP utility, I think it's absolutely wonderful and you can access it by clicking Start | Run and then typing NTBACKUP (WinXP, Win2K, Win2K3).