Windows standard server backup utility and also the backup command line tools can be used to backup Active Directory and SYSVOL.
Active Directory database and associated log files are stored in in C:\windows\ntds.
ntds.dit – Is the physical database files in which all directory data is stored
Edb.log – This is the log file into which directory transactions are written before being committed to the database.
Edb.chk – This is the files used to track the point to where directory transactions in the log file have been committed to the database.
SYSVOL is a shared folder that contains the server copy of the domain’s public files and includes:
- Login Scripts
- Group Policy
- Distributed Files system staging folder and files
- File system junctions
The Windows system state is a collection of system components that are not contained in a simple file but can be backed up easily. It includes the following:
• Boot files (such as bootmgr)
• DLL cache folder
• Registry (including COM settings)
• SYSVOL (Group Policy and logon scripts)
• Active Directory NTDS.DIT (domain controllers)
• Certificate Store (if the service is installed)
• User profiles
• COM+ and WMI information
• Cluster service information
• IIS metabase
• System files that are under Windows Resource Protection
Therefore, if you need to back up Active Directory, you need to back up the system state so that you can get all the Active Directory components.
Windows server backup
By default this feature is not installed, Add Roles and Features or Install-WindowsFeature Windows-server-backup can be used to install it.
The backups that can be done are System State backup, Critical-Volumes Backup and Full server backup
Wbadmin.exe is a command line utility that can be used to configure and initiate backup.
The system state can be backed up with the following command:
wbadmin start systemstatebackup -backupTarget:<VolumeName>
The wbadmin start systemstaterecovery can be used to recover system state.
Windows powershell has a number of cmdlets to configure a backup.