What is the best method for backing up Active Directory? Is Windows Backup preferred or can you use any backup software?
Although some TechNet articles suggest that Windows Server Backup should be used for backing up the Active Directory, Windows Server Backup is far from being the only backup solution that is capable of backing up and restoring the Active Directory database. In fact, there even is another Microsoft product that offers the ability to perform Active Directory backups and restorations -- System Center Data Protection Manager. In case you are not familiar with System Center Data Protection Manager, it is Microsoft's enterprise backup solution.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
As previously mentioned, just about any enterprise-grade backup application for Windows should be able to back up the Active Directory. However, some backup applications provide better support for Active Directory backup and recovery than others.
The Active Directory is really nothing more than a database and a collection of system services running on a domain controller. As with any database, the Active Directory must be backed up in a way that ensures data consistency. Most enterprise backup applications use Volume Shadow Copy Service, or VSS, writers to create a snapshot as a way of preventing Active Directory data from being modified while the backup is in progress. If an Active Directory backup is written to disk, a snapshot is used for the write operation, but if the cataloging of the backup data is based on the live copy of the Active Directory database, you'll get inconsistencies.
Each backup vendor has its own way of handling this process, and some vendors do a better job than others. Symantec, for example, recommends that Active Directory backups be written to disk rather than going direct to tape.
It is also worth noting that some backup vendors fully support very specific Active Directory object restoration. For example, such products will allow individual user accounts to be restored. However, other products support only restoring the Active Directory as a whole. It therefore is important to research a backup product's capabilities and limitations before using it to protect an Active Directory.
Dig Deeper on Backup and recovery software
Related Q&A from Brien Posey
Data reduction techniques are important for increasing capacity on SSDs. Compression and deduplication are the most well-known, but other techniques ...continue reading
Is DRaaS reliable? Is failing over to the cloud a smooth procedure? Expert Brien Posey breaks down these two widespread concerns with the cloud ...continue reading
Copy data management and backup can work together, but organizations need to be careful with redundant data. Having only one copy of data could be a ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.