Backing up and restoring AD LDS

Active Directory Lightweight Directory Services (AD LDS) data and log files should be backed up regularly to ensure the continued availability of data to applications and users in the event of a system failure.

Backing up AD LDS

By default, each instance of AD LDS running on an AD LDS server stores its database file, Adamntds.dit, and the associated log files in %program files%\Microsoft adam\instancename\data. These files should be included as part of the regular backup plan of your organization. You can back up the directory stores using Windows Server Backup or any Windows Logo Program, third-party backup utility. For information about backing up an AD LDS instance, see Back Up AD LDS Instance Data.

Restoring AD LDS

When you restore a database to an existing AD LDS instance, you must stop the AD LDS instance before you run the restore operation. In addition, we recommend that you move (or delete) the existing database and log files from the AD LDS instance before the restore operation.

Authoritative restore

If objects in the directory are inadvertently deleted or modified, and if those objects are replicated in a configuration set, you must authoritatively restore those objects so that the correct version of the objects is replicated. To authoritatively restore directory data, run the dsdbutil utility after you restore the data but before you restart the AD LDS instance. With dsdbutil, you can mark directory objects for authoritative restore. When an object is marked for authoritative restore, its update sequence number is changed so that the number is higher than any other update sequence number in the configuration set. This ensures that any data you restore is properly replicated throughout the configuration set.

For more information about restoring an AD LDS instance, including authoritative restores, see Restore AD LDS Instance Data.

If you restore an AD LDS backup over a running AD LDS instance, Windows Server Backup leaves the restored files in a pending state, and it does not write the files to disk until the computer is rebooted. In this situation, any directory changes that are made to the running AD LDS instance after Windows Server Backup is run are lost.

If you accidentally start a restore of an AD LDS instance over a currently running AD LDS instance, we recommend that you immediately restart the computer, stop the AD LDS instance, and then perform the restoration again.

Additional references