19/3/24, 15:35 Restaurar - Active Directory iDataAgent

Restaurar - Active Directory

iDataAgent
Se debe agregar el estado del sistema en los servidores de Active Directory para realizar
restauraciones de Active Directory.

Se recomienda realizar una operación de restauración inmediatamente después de su primera

copia de seguridad completa para comprender el proceso. Tenga en cuenta que cualquier objeto
o atributo se restaura en la misma ubicación desde donde se realizó la copia de seguridad. La
siguiente sección explica cómo restaurar los invitados de nombre común (CN) .

1. Desde el navegador CommCell, navegue hasta Computadoras cliente | <Cliente> | Directorio

activo | defaultBackupSet

Haga clic derecho en el subcliente predeterminado y luego haga clic en Examinar y restaurar
.

2. Haga clic en Ver contenido .

https://documentation.commvault.com/2024/expert/restore_active_directory_idataagent.html 1/7
19/3/24, 15:35 Restaurar - Active Directory iDataAgent

3. Expanda defaultBackupSet y navegue hasta el componente de dominio requerido.

Seleccione el CN ​Guest .

Todos los atributos del objeto están seleccionados por defecto.

Para el primer trabajo de restauración, seleccione cualquier objeto con un tamaño de datos
más pequeño.

Haga clic en Recuperar todo lo seleccionado .

https://documentation.commvault.com/2024/expert/restore_active_directory_idataagent.html 2/7
19/3/24, 15:35 Restaurar - Active Directory iDataAgent

4. De forma predeterminada, el objeto y sus atributos se restauran en la misma ubicación desde

donde se realizó la copia de seguridad.

Si ha modificado el objeto o atributo después de la primera copia de seguridad, puede perder

los cambios.

5. Haga clic en la pestaña Inicio de trabajo .

6. Seleccione Inmediato para ejecutar el trabajo inmediatamente.

7. Haga clic en Aceptar .

https://documentation.commvault.com/2024/expert/restore_active_directory_idataagent.html 3/7
19/3/24, 15:35 Restaurar - Active Directory iDataAgent

8. You can monitor the progress of the restore job in the Job Controller window of the CommCell
Console.

9. Once the restore job is complete, right-click the defaultBackupSet , point to View, and then
click Restore History.

10. Click OK.

11. You can right-click the job and view the following details:

https://documentation.commvault.com/2024/expert/restore_active_directory_idataagent.html 4/7
19/3/24, 15:35 Restaurar - Active Directory iDataAgent

View Restore Items

You can view them as Successful, Failed, Skipped or All.

View Job Details

View Events of the restore job

View Log files of the restore job

12. Once the restore jobs complete successfully, verify that the restored objects/attributes are
available in the domain controller.

What Is Restored
Attributes on each supported Windows object

Computer

Contact

Group

InetOrgPerson

MSMQ Queue Alias

Organizational Unit

Printer

User

Shared Folder

Configuration

Schema

https://documentation.commvault.com/2024/expert/restore_active_directory_idataagent.html 5/7
19/3/24, 15:35 Restaurar - Active Directory iDataAgent

ForestDNSZones

DomainDNSZones

What Does Not Get Restored In-Place

Due to a Microsoft limitation the following attributes are backed up but cannot be restored in-
place. If the Update Privilege value is set by the system, then the attributes cannot be restored in-
place. For example, the Bad-Password-Time attribute is not restored in-place as the Update
Privilege value is set by the system. For more information on the available attributes and restoring
a deleted active directory object, see All Attributes and Restore a Deleted Active Directory Object.

ObjectGUID

ObjectSid

PrimaryGroupID

BadPasswordTime

LastLogoff

LastLogon

MemberOf (Although this is a non-modifiable attribute and you cannot restore it directly, when a
user or group object is restored the members will be placed back in the group)

PwdLastSet (only if adldaptool.exe was executed before the backup)

USNChanged

USNCreated

WhenChanged

WhenCreated

DistinguishedName

UserAccountControl

Delete Objects

rootDSE object

SID-History (only if adldaptool.exe was executed before the backup)

GivenName (Active Directory Agent uses the Distinguished Name (DN) to locate the object in live
AD during a restore operation. GivenName is a part of user's DN. If a user name is changed or
renamed, you cannot locate the AD object for restores. In that case, the restore operation.)

Restoring User Accounts and Passwords

https://documentation.commvault.com/2024/expert/restore_active_directory_idataagent.html 6/7
19/3/24, 15:35 Restaurar - Active Directory iDataAgent

When you back up an user account, the user's password is not restored along with the user
account. The user's password hash stored in the unicodePwd attribute is not read due to security
reasons. When a user is deleted, the user object is moved to the AD tombstone container. The
deleted user object in the tombstone does not preserve all the original attributes. During a restore
operation, the user object is "undeleted" from the tombstone, and then the attributes that are not
preserved are deleted. The user account is restored with the last password.

Si se conserva el atributo unicodePwd, puede restaurar la última contraseña almacenada antes

de que se elimine el usuario. Las restauraciones a un momento dado no son compatibles ya que
la contraseña no se almacena en las operaciones de copia de seguridad de Commvault. Para
obtener más información, consulte el artículo de Microsoft unicodePwd .

https://documentation.commvault.com/2024/expert/restore_active_directory_idataagent.html 7/7