When one of the several domain controllers (DCs) is lost, the Active Directory service is still available. Therefore, other domain controllers will contain data that is newer than the data in the backup.
In these cases, a type of recovery known as nonauthoritative restore is usually performed. Nonauthoritative restore means that the recovery will not affect the current state of Active Directory.
Steps to perform
If the domain has other domain controllers, you can perform nonauthoritative restore of a lost domain controller in either of these ways:
Both operations are followed by automatic replication. Replication makes the domain controller database up-to-date. Just make sure the Active Directory service has started successfully. Once replication completes, the domain controller will be up and running again.
Recovery vs. re-creation
Recreation does not require having a backup. Recovery is normally faster than re-creation. However, recovery is not possible in the following cases:
Recovering a domain controller that holds a FSMO role
Some domain controllers hold unique roles known as Flexible Single Master Operations (FSMO) roles or operations manager roles. For the description of FSMO roles and their scopes (domain-wide or forest-wide), see Microsoft Help and Support article http://support.microsoft.com/kb/324801.
Before recreating a domain controller that held the PDC Emulator role, you must seize that role. Otherwise, you will not be able to add the recreated domain controller to the domain. After recreating the domain controller, you can transfer this role back. For information about how to seize and transfer FSMO roles, see Microsoft Help and Support article http://support.microsoft.com/kb/255504.
To view which FSMO roles are assigned to which domain controller, you can connect to any live domain controller by using the Ntdsutil tool as described in Microsoft Help and Support article http://support.microsoft.com/kb/234790. Follow the steps in the “Using the NTDSUTIL Tool” section of that article: