Thursday, December 6, 2018

Use PowerShell and DSAMAIN.exe to Mount a Backup of NTDS.dit

First, take stock of your existing disk setup:
Get-Partition

Now, mount the VHDX disk contained in the remote backup:
Mount-DiskImage -ImagePath "\\NINJALDS01\TEMP\Backup\1502021020\WindowsImageBackup\NINJADC02\Backup 2015-02-02 102022\dcafa9ee-79ef-426b-ba58-806e81f09963.vhdx"

Time to check your disk configuration again:
Get-Partition

Note the disk number (2) and partition (2) where the backup of NTDS.dit resides. Use this information to assign a drive letter in the operating system:
Set-Partition -DiskNumber 2 -PartitionNumber 2 -NewDriveLetter Z

Finally, use DSAMAIN.exe to mount the backup of Active Directory:
Dsamain -dbpath "Z:\Windows\NTDS\NTDS.dit" -ldapport 5000

Sweet! Now we can point our existing admin tools at this mounted copy by using the server:port notation. For example:
Get-ADUser -Identity IanFarr -Properties * -Server NINJADC02:5000
Or...


The deleted information (or the absence of corruption) can now be easily and safely corroborated.
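
The steps above combined into one script, as an added example that is not part of the original post: it reads the disk number from Get-DiskImage instead of comparing Get-Partition output by eye, and it removes the drive letter and dismounts the image when done. It assumes an elevated session with the AD DS tools on the host where the image is mounted (hence localhost); the parameter names are illustrative.

```powershell
# Added example, not from the original post. Run elevated.
param(
    [Parameter(Mandatory)] [string] $ImagePath,   # backup .vhdx, as in the Mount-DiskImage step
    [int]    $PartitionNumber = 2,                # partition holding NTDS.dit (2 in the post)
    [char]   $DriveLetter     = 'Z',
    [int]    $LdapPort        = 5000,
    [string] $Identity        = 'IanFarr'         # account to inspect, from the post's query
)
$ErrorActionPreference = 'Stop'
$dsamain   = $null
$letterSet = $false
Mount-DiskImage -ImagePath $ImagePath | Out-Null
try {
    # The attached image reports its own disk number.
    $diskNumber = (Get-DiskImage -ImagePath $ImagePath).Number
    Set-Partition -DiskNumber $diskNumber -PartitionNumber $PartitionNumber -NewDriveLetter $DriveLetter
    $letterSet = $true
    $dbPath = "${DriveLetter}:\Windows\NTDS\NTDS.dit"
    if (-not (Test-Path -LiteralPath $dbPath)) { throw "NTDS.dit not found at $dbPath" }

    # dsamain runs until stopped, so start it as a child process and keep the handle.
    $dsamain = Start-Process -FilePath 'dsamain.exe' -PassThru -WindowStyle Hidden `
        -ArgumentList "-dbpath `"$dbPath`" -ldapport $LdapPort"

    # Wait for the LDAP listener (30 attempts) before querying.
    $ready = $false
    foreach ($i in 1..30) {
        if ($dsamain.HasExited) { throw "dsamain exited with code $($dsamain.ExitCode)" }
        $probe = Test-NetConnection -ComputerName localhost -Port $LdapPort -WarningAction SilentlyContinue
        if ($probe.TcpTestSucceeded) { $ready = $true; break }
        Start-Sleep -Seconds 2
    }
    if (-not $ready) { throw "LDAP port $LdapPort never opened" }

    # Same query as in the post, against the mounted copy.
    Get-ADUser -Identity $Identity -Properties * -Server "localhost:$LdapPort"
}
finally {
    # Undo every step that succeeded, in reverse order.
    if ($dsamain -and -not $dsamain.HasExited) { Stop-Process -Id $dsamain.Id -Force }
    if ($letterSet) {
        Remove-PartitionAccessPath -DiskNumber $diskNumber -PartitionNumber $PartitionNumber -AccessPath "${DriveLetter}:\"
    }
    Dismount-DiskImage -ImagePath $ImagePath | Out-Null
}
```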
