Windows Server 2008 lets you create an online snapshot of the Active Directory database. You can mount the AD snapshot with standard Windows tools and expose it as an LDAP directory on a TCP port of your choice.
This “Snapshot Directory Service” contains all information of the AD domain and can be accessed with standard tools like “Active Directory Users and Computers”, LDP, ldiff or PowerShell.
Creating and Mounting an AD Snapshot
1. Creating the Snapshot:
    C:\>ntdsutil
    ntdsutil: snapshot
    snapshot: activate instance NTDS
    Active instance set to "NTDS".
    snapshot: create
    Creating snapshot...
    Snapshot set {4d9af9f4-20f7-4338-974b-790717645817} generated successfully.
2. Show available snapshots:
    snapshot: list all
     1: 2011/11/22:10:36 {4d9af9f4-20f7-4338-974b-790717645817}
3. Mount snapshot:
    snapshot: mount 1
    Snapshot {1402dcec-ef46-4e68-8c7e-48988d62447d} mounted as C:\$SNAP_201111221036_VOLUMED$\
4. Make snapshot available with dsamain.exe:
The parameter [-ldapport 5000] makes the snapshot available as an LDAP directory on TCP port 5000.
    C:\>dsamain -dbpath C:\$SNAP_201111221036_VOLUMED$\Windows\NTDS\ntds.dit -ldapport 5000
    EVENTLOG (Informational): NTDS General / Service Control : 1000
    Microsoft Active Directory Domain Services startup complete, version 6.1.7600.16
    612
Access AD Snapshot with LDAP Browser
You can now access the snapshot with an LDAP browser, for example ldp.exe:
    ld = ldap_open("Servername", 5000);
    Established connection to 10.4.69.11.
    Retrieving base DSA information...
    Getting 1 entries:
    Dn: (RootDSE)
    configurationNamingContext: CN=Configuration,DC=root,DC=domain,DC=com;
    currentTime: 22.11.2011 13:55:58 W. Europe Standard Time;
    ld = ldap_open("Servername", 5000);
    Established connection to Servername.
Access AD Snapshot with Active Directory Users and Computers
Select “Change Domain Controller…” in the context menu to specify a DC in the notation [Servername:Port].
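The introduction names PowerShell as another way to read the snapshot. The following is an added example, not code from the original article: it compares a privileged group's membership in the mounted snapshot on port 5000 with the live directory, using plain LDAP through System.DirectoryServices. The server name, the domain DN DC=root,DC=domain,DC=com (inferred from the ldp output above) and the group name are assumptions.

```powershell
# Added example. Assumptions: "Servername", the domain DN and the group name
# are placeholders; dsamain serves the snapshot on port 5000 as in step 4.
function Get-GroupMemberDn {
    param(
        [Parameter(Mandatory = $true)] [string] $Server,    # "host" or "host:port"
        [Parameter(Mandatory = $true)] [string] $BaseDn,
        [Parameter(Mandatory = $true)] [string] $GroupName
    )
    # Escape LDAP filter metacharacters in the group name (backslash first).
    $escaped = $GroupName -replace '\\', '\5c' -replace '\*', '\2a' `
                          -replace '\(', '\28' -replace '\)', '\29'
    $root     = [ADSI]"LDAP://$Server/$BaseDn"
    $searcher = New-Object System.DirectoryServices.DirectorySearcher($root)
    $searcher.Filter = "(&(objectCategory=group)(sAMAccountName=$escaped))"
    [void]$searcher.PropertiesToLoad.Add('member')
    try {
        $result = $searcher.FindOne()
        if ($null -eq $result) { throw "Group '$GroupName' not found on $Server" }
        # Limitation: only the first 1500 values of 'member' are returned here;
        # larger groups need ranged retrieval.
        if ($result.Properties.Contains('member')) {
            @($result.Properties['member']) | Sort-Object
        }
    }
    finally {
        $searcher.Dispose()
        $root.Dispose()
    }
}

$baseDn = 'DC=root,DC=domain,DC=com'   # assumed domain naming context
$group  = 'Domain Admins'              # assumed group to audit

# Snapshot state (dsamain on port 5000) versus current state (default LDAP port).
$then = @(Get-GroupMemberDn -Server 'Servername:5000' -BaseDn $baseDn -GroupName $group)
$now  = @(Get-GroupMemberDn -Server 'Servername'      -BaseDn $baseDn -GroupName $group)

# DN comparison is case-insensitive, which matches how AD treats DNs.
$now  | Where-Object { $then -notcontains $_ } |
    ForEach-Object { New-Object psobject -Property @{ Change = 'AddedSinceSnapshot';   Member = $_ } }
$then | Where-Object { $now -notcontains $_ } |
    ForEach-Object { New-Object psobject -Property @{ Change = 'RemovedSinceSnapshot'; Member = $_ } }
```

The script binds with the credentials of the user running it and only reads from both directories.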