Authoritative Restore

After we restored our Windows 2000 computer in the previous exercise and restarted it, the Active Directory begins replicating directory objects across all domain controllers in this domain. Remember that the Active Directory can be restored only on domain controllers. The Active Directory replicates in a manner similar to the File Replication service.

We performed nonauthoritative data recovery, which is the default method. Once restarted, this server will be brought up to date with the rest of the domain controllers through the regular Active Directory replication.

The other method of data recovery is authoritative. It is used when you cannot rely on normal Active Directory replication to update a server after it has been restarted following the restore. For example, if you deleted a container with a group of users and restored the container from a backup tape from one week ago, then as soon as you restarted the computer after the restore, the rest of the domain controllers would bring this server up to date, and that update would include the deletion of the container you are trying to restore. The purpose of the authoritative restore is to make the copy of the Active Directory that is stored on the tape the current copy of the Active Directory, rather than the copy that is currently being replicated by the active domain controllers.

The term authoritative is used because you, as the Administrator, are specifying the Active Directory replica that is authoritative in relation to the other domain controllers. You can mark the objects in the Active Directory as authoritative with respect to their replication partners.
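The deleted-container scenario above can be traced with a small model. This is an added example, not part of the original text: it assumes a simplified replication rule in which each object carries a version number and the higher version wins, and it models marking an object authoritative as raising that version. The object name, the increment value and all function names are constructed for illustration.

```python
"""Simplified model: a restored object survives replication only if marked authoritative."""
from dataclasses import dataclass, replace

AUTHORITATIVE_BUMP = 100_000  # assumed increment, large enough to outrank any live change


@dataclass(frozen=True)
class DirObject:
    dn: str
    version: int
    deleted: bool = False  # True models a deletion that has replicated


def replicate(local: dict, partner: dict) -> dict:
    """Pull replication: for each object, the copy with the higher version wins."""
    merged = dict(local)
    for dn, theirs in partner.items():
        mine = merged.get(dn)
        if mine is None or theirs.version > mine.version:
            merged[dn] = theirs
    return merged


def restore(backup: dict, authoritative_dns=()) -> dict:
    """Return the directory as read from tape; listed DNs are marked authoritative."""
    restored = dict(backup)
    for dn in authoritative_dns:
        obj = restored[dn]
        restored[dn] = replace(obj, version=obj.version + AUTHORITATIVE_BUMP)
    return restored


def is_live(directory: dict, dn: str) -> bool:
    obj = directory.get(dn)
    return obj is not None and not obj.deleted


def scenario(authoritative: bool):
    """Return (container live on restored DC, container live on partner DC)."""
    ou = "OU=Sales,DC=example,DC=com"  # constructed container name
    backup = {ou: DirObject(ou, version=1)}                 # tape from one week ago
    partner = {ou: DirObject(ou, version=2, deleted=True)}  # deletion made since then
    restored = restore(backup, [ou] if authoritative else [])
    restored = replicate(restored, partner)  # restored DC restarts and pulls changes
    partner = replicate(partner, restored)   # partner then pulls from the restored DC
    return is_live(restored, ou), is_live(partner, ou)


if __name__ == "__main__":
    print("nonauthoritative:", scenario(False))
    print("authoritative:   ", scenario(True))
```

In the nonauthoritative run the partner's newer deletion overwrites the restored container; in the authoritative run the restored copy outranks the deletion and replicates outward to the partner.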

