Useful shelf life of a system-state backup of Active Directory
If a nonauthoritative restore is performed by using Backup, the domain controller will contain the settings and entries that existed in the Domain, Schema, Configuration, and optionally the Global Catalog Naming Contexts when the backup was performed. Partial synchronization (replication) from other replicas within the enterprise then update all naming contexts hosted on the domain controller, overwriting the restored data.For more information about authoritative and nonauthoritative restores, click the following article number to view the article in the Microsoft Knowledge Base:
If every server in the domain is destroyed when you use the server in a single domain controller forest or in a single domain that contains multiple domain controllers, restore one server from an arbitrarily outdated backup. Then, replicate all other servers from the restored one. Howerver, you cannot restore the server when you use the server in a multi-domain forest.In this scenario, information that was written to Active Directory after the outdated backup was performed is not available.
The tombstone lifetime attribute is located on the enterprise-wide DS config object. The path for this attribute is:
Note This information assumes that the backup is not older than the default "tombstoneLifetime" setting. Otherwise, the objects have already been deleted from the database. In this case, an authoritative restore may be the better alternative if there are multiple domain controllers.
The "tombstoneLifetime" attribute represents the number of days a backup of Active Directory can be used in addition to the frequency with which Garbage Collection routines (removing items previously marked for deletion) are run.For more information about Garbage Collection, click the following article number to view the article in the Microsoft Knowledge Base:
Changes to the tombstone lifetime attribute in Windows Server 2003 Service Pack 1The default tombstone lifetime value has sometimes proven to be too short. For example, pre-staged domain controllers are sometimes in transit to their final destination for longer than 60 days. Administrators regularly do not bring offline domain controllers into operation or resolve replication failures for longer than the number of days that is specified by the default tombstone lifetime attribute. Windows Server 2003 Service Pack 1 (SP1) increases the attribute value from 60 to 180 days in the following scenarios:
- You use Windows Server 2003 SP1 slipstreamed media to upgrade a Microsoft Windows NT 4.0 domain to a Windows Server 2003 domain. When you perform the upgrade, you create a new forest.
- You promote a computer that is running Windows Server 2003 SP1 to a domain controller. When you promote the domain controller, you create a new forest.
- You upgrade a Windows 2000 domain to a Windows Server 2003 domain by using Windows Server 2003 SP1 slipstreamed media.
- You install Windows Server 2003 SP1 on domain controllers that are running the original release version of Windows Server 2003.
- The useful life of backups that are used for data recovery scenarios.
- The useful life of system state backups that are used for promotions using the Install from Media feature.
- The time that domain controllers can be offline. (Computers that are built in a staging site and shipped to destination sites frequently approach tombstone lifetime expiration.)
- The time that a domain controller may be offline and still return to the domain successfully.
- The time that a domain controller may experience a replication failure and still return to the domain successfully.
- The number of days that the originating domain controller retains knowledge of deleted objects.
Technical support for Windows x64 editionsYour hardware manufacturer provides technical support and assistance for Microsoft Windows x64 editions. Your hardware manufacturer provides support because a Windows x64 edition was included with your hardware. Your hardware manufacturer might have customized the Windows x64 edition installation with unique components. Unique components might include specific device drivers or might include optional settings to maximize the performance of the hardware. Microsoft will provide reasonable-effort assistance if you need technical help with your Windows x64 edition. However, you might have to contact your manufacturer directly. Your manufacturer is best qualified to support the software that your manufacturer installed on the hardware.
For product information about Microsoft Windows XP Professional x64 Edition, visit the following Microsoft Web site:
Article ID: 216993 - Last Review: 10/26/2007 15:40:20 - Revision: 7.4
- kbproductlink kbinfo KB216993