Active Directory is one of the most critical services in a Windows network. To avoid downtime and loss of productivity, it’s essential that you have effective disaster recovery plans in place for problems related to Active Directory. This point may sound obvious, but it’s amazing how many administrators don’t have a plan for one of the most common Active Directory® failure scenarios: accidental deletion of data.
Accidental deletion of objects is one of the most common root causes of service failure. When I do seminars and conferences, I often ask who has had an Active Directory failure due to accidental deletion of data. And every time, nearly everyone raises his hand.
To understand why data recovery is so complex, you first need to understand the following: how Active Directory stores and replicates objects, how it deletes objects, and the mechanics of authoritative and non-authoritative restores.