Restoring the Active Directory database

If the Active Directory database files are corrupted but the domain controller is able start in normal mode, you can restore the database in one of the following ways.

Re-promoting the domain controller

This way of restoring the database is available only if the domain has other domain controllers. It does not require having a backup.

To restore the database, use the Dcpromo tool to demote the domain controller with the corrupted database, and then to promote that domain controller again.

To re-promote the domain controller, run the following commands:

dcpromo /forceremoval

dcpromo /adv

Recovering the database from a backup

This way of restoring the database can be used regardless of whether the domain has other domain controllers.

To restore the database, recover the Active Directory database files. In addition, if you have made any changes to Group Policy Objects (GPOs) since backup, you also need to recover the SYSVOL folder.

To recover the Active Directory database from a backup

1. Restart the domain controller and press F8 during startup.
2. On the Advanced Boot Options screen, select Directory Services Restore Mode.
3. [Optional] Create a copy of the current Active Directory database files to be able to undo the changes if need be.
4. Change the original account of the Acronis agent service to the Directory Services Restore Mode (DSRM) Administrator account:
   1. Open the Services snap-in.
   2. In the list of services, double-click Acronis Managed Machine Service.
   3. On the Log On tab, in This account, specify the user name and password that you use to log on to Directory Services Restore Mode, and then click Apply.
   4. On the General tab, click Start. After the service starts, click OK.

   Details. This change is needed because the Acronis agent service on a domain controller runs under a domain user account, but domain user accounts are unavailable in Directory Services Restore Mode.

5. Start Acronis Backup & Recovery 11.5 and recover the database files from the backup. If necessary, also recover the SYSVOL folder.

   Details. For paths to these files and folders, see "Active Directory backup". The recovery procedure is similar to the one described in "Recovering Exchange Server database files.

6. If the domain has other domain controllers, ensure that a USN rollback problem will not occur.
7. Restart the domain controller in normal mode. Make sure that the Active Directory service has started successfully.
8. Change the account for the Acronis service back to the original one, similarly to step 4.