Microsoft Windows XP, Windows 2000 and Windows Server 2003 offer two types of disk storage: basic and dynamic
Basic Disk Storage
Basic storage uses normal partition tables supported by MS-DOS, Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows Millennium Edition (Me), Microsoft Windows NT, Microsoft Windows 2000, Windows Server 2003 and Windows XP. A disk initialized for basic storage is called a basic disk. A basic disk contains basic volumes, such as primary partitions, extended partitions, and logical drives. Additionally, basic volumes include multidisk volumes that are created by using Windows NT 4.0 or earlier, such as volume sets, stripe sets, mirror sets, and stripe sets with parity. Windows XP does not support these multidisk basic volumes. Any volume sets, stripe sets, mirror sets, or stripe sets with parity must be backed up and deleted or converted to dynamic disks before you install Windows XP Professional.
Dynamic Disk Storage
Dynamic storage is supported in Windows XP Professional, Windows 2000 and Windows Server 2003. A disk initialized for dynamic storage is called a dynamic disk. A dynamic disk contains dynamic volumes, such as simple volumes, spanned volumes, striped volumes, mirrored volumes, and RAID-5 volumes. With dynamic storage, you can perform disk and volume management without the need to restart Windows.
Note: Dynamic disks are not supported on portable computers or on Windows XP Home Edition-based computers.
You cannot create mirrored volumes or RAID-5 volumes on Windows XP Home Edition, Windows XP Professional, or Windows XP 64-Bit Edition-based computers. However, you can use a Windows XP Professional-based computer to create a mirrored or RAID-5 volume on remote computers that are running Windows 2000 Server, Windows 2000 Advanced Server, or Windows 2000 Datacenter Server, or the Standard, Enterprise and Data Center versions of Windows Server 2003.
Storage types are separate from the file system type. A basic or dynamic disk can contain any combination of FAT16, FAT32, or NTFS partitions or volumes.
A disk system can contain any combination of storage types. However, all volumes on the same disk must use the same storage type.
To convert a Basic Disk to a Dynamic Disk:
Use the Disk Management snap-in in Windows XP/2000/2003 to convert a basic disk to a dynamic disk. To do this, follow these steps:
1. Log on as Administrator or as a member of the Administrators group.
2. Click Start, and then click Control Panel.
3. Click Performance and Maintenance, click Administrative Tools, and then double-click Computer Management. You can also right-click My Computer and choose Manage if you have My Computer displayed on your desktop.
4. In the left pane, click Disk Management.
5. In the lower-right pane, right-click the basic disk that you want to convert, and then click Convert to Dynamic Disk. You must right-click the gray area that contains the disk title on the left side of the Details pane.
6. Select the check box that is next to the disk that you want to convert (if it is not already selected), and then click OK.
7. Click Details if you want to view the list of volumes in the disk. Click Convert.
8. Click Yes when you are prompted to convert the disk, and then click OK.
Warning: After you convert a basic disk to a dynamic disk, local access to the dynamic disk is limited to Windows XP Professional, Windows 2000 and Windows Server 2003. Additionally, after you convert a basic disk to a dynamic disk, the dynamic volumes cannot be changed back to partitions. You must first delete all dynamic volumes on the disk and then convert the dynamic disk back to a basic disk. If you want to keep your data, you must first back up the data or move it to another volume.
Dynamic Storage Terms
A volume is a storage unit made from free space on one or more disks. It can be formatted with a file system and assigned a drive letter. Volumes on dynamic disks can have any of the following layouts: simple, spanned, mirrored, striped, or RAID-5.
A simple volume uses free space from a single disk. It can be a single region on a disk or consist of multiple, concatenated regions. A simple volume can be extended within the same disk or onto additional disks. If a simple volume is extended across multiple disks, it becomes a spanned volume.
A spanned volume is created from free disk space that is linked together from multiple disks. You can extend a spanned volume onto a maximum of 32 disks. A spanned volume cannot be mirrored and is not fault-tolerant.
A striped volume is a volume whose data is interleaved across two or more physical disks. The data on this type of volume is allocated alternately and evenly to each of the physical disks. A striped volume cannot be mirrored or extended and is not fault-tolerant. Striping is also known as RAID-0.
A mirrored volume is a fault-tolerant volume whose data is duplicated on two physical disks. All of the data on one volume is copied to another disk to provide data redundancy. If one of the disks fails, the data can still be accessed from the remaining disk. A mirrored volume cannot be extended. Mirroring is also known as RAID-1.
A RAID-5 volume is a fault-tolerant volume whose data is striped across an array of three or more disks. Parity (a calculated value that can be used to reconstruct data after a failure) is also striped across the disk array. If a physical disk fails, the portion of the RAID-5 volume that was on that failed disk can be re-created from the remaining data and the parity. A RAID-5 volume cannot be mirrored or extended.
The system volume contains the hardware-specific files that are needed to load Windows (for example, Ntldr, Boot.ini, and Ntdetect.com). The system volume can be, but does not have to be, the same as the boot volume.
The boot volume contains the Windows operating system files that are located in the %Systemroot% and %Systemroot%\System32 folders. The boot volume can be, but does not have to be, the same as the system volume.
What's the difference between Basic and Dynamic Disks in Windows XP/2000/2003?
How to Restore Windows Server 2003 Active Directory
In the Windows Server 2003 family, you can restore the Active Directory database if it becomes corrupted or is destroyed because of hardware or software failures. You must restore the Active Directory database when objects in Active Directory are changed or deleted.
Relax while LANsurveyor automatically maps your network.
LANsurveyor automatically discovers your LAN or WAN and produces comprehensive, easy-to-view network diagrams that can be exported into Microsoft Office® Visio®.
Note: There is an option to restore Active Directory objects that have been deleted and are now in a phase called "tombstone". These items are hidden from the GUI and await their cleanup by a process called "garbage collection". Read more about it on my "Recovering Deleted Items in Active Directory" article.
You can use one of the three methods to restore Active Directory from backup media: Primary Restore, Normal Restore (i.e. Non Authoritative), and Authoritative Restore.
For example, if you inadvertently delete or modify objects in Active Directory, and those objects were thereafter replicated to other DCs, you will need to authoritatively restore those objects so they are replicated or distributed to the other servers. If you do not authoritatively restore the objects, they will never get replicated or distributed to your other servers because they will appear to be older than the objects currently on your other DCs. Using the NTDSUTIL utility to mark objects for authoritative restore ensures that the data you want to restore gets replicated or distributed throughout your organization. On the other hand, if your system disk has failed or the Active Directory database is corrupted, then you can simply restore the data normally without using NTDSUTIL. After rebooting the DC, it will receive newer updates from other DCs. |
Backup Windows Server 2003 Active Directory
Backing up Active Directory is essential to maintain the proper health of the Active Directory database. You can backup Active Directory by using the NTBACKUP tool that comes built-in with Windows Server 2003, or use any 3rd-party tool that supports this feature. Backing up the Active Directory is done on one or more of your Active Directory domain Controllers (or DCs), and is performed by backing up the System State on those servers. The System State contains the local Registry, COM+ Class Registration Database, the System Boot Files, certificates from Certificate Server (if it’s installed), Cluster database (if it’s installed), NTDS.DIT, and the SYSVOL folder.
Relax while LANsurveyor automatically maps your network.
LANsurveyor automatically discovers your LAN or WAN and produces comprehensive, easy-to-view network diagrams that can be exported into Microsoft Office® Visio®.
To ensure your ability to actually use this backup, you must be aware of the tombstone lifetime. By default, the tombstone is 60 days (for Windows 2000/2003 DCs), or 180 days (for Active Directory based upon Windows Server 2003 SP1 DCs).
Note: Longer tombstone lifetime decreases the chance that a deleted object remains in the local directory of a disconnected DC beyond the time when the object is permanently deleted from online DCs. The tombstone lifetime is not changed automatically when you upgrade to Windows Server 2003 with SP1, but you can change the tombstone lifetime manually after the upgrade. New forests that are installed with Windows Server 2003 with SP1 have a default tombstone lifetime of 180 days. Read my "Changing the Tombstone Lifetime Attribute in Active Directory" article for more info on that.
Any backup older than 60/180 days is not a good backup and cannot be used to restore any DC. You do not need to backup all your DCs' System States, usually backing up the first DC in the Forest + the first DCs in each domain is enough for most scenarios.
Purpose of Performing Regular Backups
You need a current, verified, and reliable backup to:
- Restore Active Directory data that becomes lost. By using an authoritative restore process, you can restore individual objects or sets of objects (containers or directory partitions) from their deleted state. Read my "Recovering Deleted Items in Active Directory" article for more info on that.
- Recover a DC that cannot start up or operate normally because of software failure or hardware failure.
- Install Active Directory from backup media (using the dcpromo /adv command). Read my "Install DC from Media in Windows Server 2003" article for more info on that.
- Perform a forest recovery if forest-wide failure occurs.
All these are reasons to have good working and reliable backups.
Note: One of the Active Directory features that was introduced in Windows Server 2003 with Service Pack 1 was the Directory Service Backup Reminders. With this reminder, a new event message, event ID 2089, provides the backup status of each directory partition that a domain controller stores. This includes application directory partitions and Active Directory Application Mode (ADAM) partitions. If halfway through the tombstone lifetime a partition has not been backed up, this event is logged in the Directory Service event log and continues daily until the partition is backed up.
Note: You can only back up the System State data on a local computer. You cannot back up the System State data on a remote computer.
Method #1: Using NTBACKUP
- Open NTBACKUP by either going to Run, then NTBACKUP and pressing Enter or by going to Start -> Accessories -> System Tools.
- If you are prompted by the Backup or Restore Wizard, I suggest you un-check the "Always Start in Wizard Mode" checkbox, and click on the Advanced Mode link.
- Inside NTBACKUP's main window, click on the Backup tab.
- Click to select the System State checkbox. Note you cannot manually select components of the System State backup. It's all or nothing.
- Enter a backup path for the BKF file. If you're using a tape device, make sure NTBACKUP is aware and properly configured to use it.
- Press Start Backup.
- The Backup Job Information pops out, allowing you to configure a scheduled backup job and other settings. For the System State backup, do not change any of the other settings except the schedule, if so desired. When done, press Start Backup.
- After a few moments of configuration tasks, NTBACKUP will begin the backup job.
- When the backup is complete, review the output and close NTBACKUP.
Next, you need to properly label and secure the backup file/tape and if possible, store a copy of it on a remote and secure location.
Method #2: Using the Command Prompt
You can use the command line version of NTBACKUP in order to perform backups from the Command Prompt.
For example, to create a backup job named "System State Backup Job" that backs up the System State data to the file D:\system_state_backup.bkf, type:
ntbackup backup systemstate /J "System State Backup Job" /F "D:\system_state_backup.bkf"
For Microsoft's official documentation on Active Directory backups, see: Active Directory Operations Guide - Active Directory Backup and Restore
ADRestore GUI version
Accidentally deleted user, computer account or OU’s from Active Directory. Don’t worry, now you can get them back using ADRestore tool using GUI interface.
Though there is a command line version of tombstone reanimation tool called adrestore - sysinternals, many people are not CLI savvies and having a GUI version of this functionality could really help them out.
Insight on tombstone: Reanimating Active Directory Tombstone Objects - By Gil Kirkpatrick
Gil Kirkpatrick's article at Technet
Main features:
- Browsing the tombstones
- Domain Controller targeting
- Can be used with alternative credentials (convenient if you do not logon to your desktop as Domain Admin, which you should never do anyway)
- User/Computer/OU/Container reanimation
- Preview of tombstone attributes
Here are some sceenshots:
Enumerating tombstones 
Previewing the tombstone attributes 
Restoring a deleted user account 
Notice that if you delete an OU with accounts in it, you will have to restore first the OUs the accounts were in, otherwise the reanimation of the child object will fail. It is not enough to create an OU with the same name as this will be a totally new object in AD and child object's lastKnowParent attribute will still reference the deleted OU. Here is a walthrough:
Initial state: 
TestOU organizational unit is deleted: 
State of tombstones (notice that lastKnownParent attribute of user and computer accounts reference the deleted OU): 
OU is restored (lastKnowParent points to the restored OU's distinguished name): 
Both computer and user accounts that resided in TestOU are reanimated: 
Download ADRestore.NET
Installing Secondary DNS,
The Domain Name System is a directory of registered computer names and IP addresses that can be instantly located. Without proper design and administration of DNS, computers wouldn't be able to locate each other on the network.
Reduced: 80% of original size [ 638 x 479 ] - Click to view full image
Right Click the "Forward Look-up Zone" then Select "New Zone"
Reduced: 80% of original size [ 636 x 480 ] - Click to view full image
Click "Next"
Reduced: 80% of original size [ 637 x 480 ] - Click to view full image
Select "one or more DNS are running on this network" then enter your Primary DNS ip address and Click "next"
Reduced: 80% of original size [ 636 x 478 ] - Click to view full image
Select "yes, create a forward lookup zone" and Click "Next"
Reduced: 80% of original size [ 638 x 484 ] - Click to view full image
Select "Secondary DNS" and click "Next"
Reduced: 80% of original size [ 635 x 477 ] - Click to view full image
Type the name in zone "e.g, secondary.nanflexaltech.com" and click "Next"
Reduced: 80% of original size [ 639 x 479 ] - Click to view full image
Enter your Primary DNS ip address and "Add" then Click "Next"
Reduced: 80% of original size [ 634 x 478 ] - Click to view full image
Select "No, Donot create reverse lookup zone" and click "Next"
Reduced: 80% of original size [ 637 x 478 ] - Click to view full image
Click "Finish" and you will see the picture below, if anything went good, you will see your secondary DNS up and running
Reduced: 80% of original size [ 638 x 452 ] - Click to view full image
Installing Active Directory - Secondary Domain, Secondary Domain Controller in Windows 2000 Server
Active Directory (AD) is an implementation of LDAP directory services by Microsoft for use primarily in Windows environments. Its main purpose is to provide central authentication and authorization services for Windows-based computers. Active Directory also allows administrators to assign policies, deploy software, and apply critical updates to an organization. Active Directory stores information and settings in a central database. Active Directory networks can vary from a small installation with a few hundred objects, to a large installation with millions of objects.
Active Directory was previewed in 1996, released first with Windows 2000 Server edition, and revised to extend functionality and improve administration in Windows Server 2003. Additional improvements were made in both Windows Server 2003 R2 and Windows Server 2008.
Installing Active Directory (Secondary Domain Controller)
Reduced: 80% of original size [ 636 x 479 ] - Click to view full image
click "Start menu" and choose "Run" and enter "dcpromo" and click "Ok"
Reduced: 80% of original size [ 638 x 478 ] - Click to view full image
click "Next"
Reduced: 80% of original size [ 636 x 478 ] - Click to view full image
Select "Secondary domain controller for an existing domain" and click "Next"
Reduced: 80% of original size [ 639 x 478 ] - Click to view full image
Enter your network credential and click "Next"
Reduced: 79% of original size [ 641 x 477 ] - Click to view full image
Type your Existing Domain (e.g: NANFLEXALTECH)
Reduced: 79% of original size [ 641 x 476 ] - Click to view full image
small pop-up will appear and click "Yes" and click "Next"
Reduced: 80% of original size [ 638 x 479 ] - Click to view full image
click "Next"
Reduced: 80% of original size [ 639 x 481 ] - Click to view full image
click "Next"
Reduced: 80% of original size [ 636 x 477 ] - Click to view full image
Create your "Directory services restore mode administrator password" and click "Next"
Reduced: 80% of original size [ 637 x 477 ] - Click to view full image
click "Next" and you will see the picture below
Reduced: 80% of original size [ 639 x 455 ] - Click to view full image
Reduced: 80% of original size [ 637 x 458 ] - Click to view full image
click "Finish"
Reduced: 80% of original size [ 635 x 458 ] - Click to view full image
click "Restart Now"
Reduced: 80% of original size [ 639 x 479 ] - Click to view full image
If everything went good, you will see the above picture when you run your "Active Directory User and Computer"
