Restoration of empty attributes to AD (831792)
The information in this article applies to:
- the operating system: Microsoft Windows 2000
- Microsoft Windows Server 2003, Standard Edition
- Microsoft Windows Server 2003, Enterprise Edition
SYMPTOMSYou have restored a backup of the system state and made the
Active Directory objects authoritatives but some attributes or objects come
back when replication occurs.CAUSEWhen you back up the Active Directory, only attributes that
are set are backed up. When you restore the data, you replace the local Active
Directory by the objects that are in the backup. Then, the authoritative
restore increases the version number of each attributes, so they are higher
than on the other DCs. During next replication, restored attributes will
overwrite those on the other domain controllers.
The attributes that
were not set at the time of the backup are left empty by authoritative
restores. As empty attributes don't have metadata (USN, version numbers, etc.),
their version will then not be increased. Thus, when replication occurs, they
will be set to the value replicated from the replication
partner.
Also, if you create new objects in your Active Directory and
then restore a backup done before they were added, they will be recreated
locally after the next replication occurs. No deletion order is generated by
authroritative restores.MORE INFORMATIONBackup can be used to recover from lost informations :
object deletion or attributes replacement for example but can't do anything
regarding new objects or attributes added.
| Modification Type: | Major | Last Reviewed: | 11/21/2003 |
|---|
| Keywords: | kbActiveDirectoryRepl kbActiveDirectory KB831792 kbAudITPRO |
|---|
|