………
Common AD CS Maintenance Tasks
Managing role-based administration
Configuring and monitoring CA event auditing
Monitoring system services
Renewing CA certificate
Backing up and restoring the CA
Demonstration: How To Configure CA
Event Auditing
• To configure the CA for auditing of object access
• To configure CA event auditing
AD LDS Maintenance Tasks
AD LDS Maintenance Tasks include :
Monitoring system events and services
Backing up and restoring AD LDS instances
Performing an authoritative restore of directory objects
Backing Up AD LDS
Consider the following when backing up AD LDS:
By default each instance stores Adamntds.dit and associated log files
in %Program Files%\Microsoft ADAM\<instancename>\data.
You can use Windows Server® Backup or any compatible third party
backup utility to backup AD LDS.
You should ensure that the instance is started before backing up its AD
LDS folder.
You should ensure that you are a member of the Administrators group or equivalent.
Restoration of Data to an AD LDS Instance
Consider the following when restoring data to an existing AD LDS instance:
Stop the AD LDS instance for which the data will be restored.
Use the backup program to restore the instance and overwrite existing files.
Restart the AD LDS instance.
Consider the following when data to an new AD LDS instance that does not belong to a configuration set:
Create a new instance specifying the same settings used during the original AD LDS installation, without creating an application partition.
Stop the newly created AD LDS instance.
Use the backup program to restore the instance and overwrite existing files.
Restart the AD LDS instance.
Performing an Authoritative Restore of Data on
an AD LDS Instance
Stop the running AD LDS instance for which the data is restored.
Use the backup program to restore the instance and overwrite existing files.
Activate the instance by using dsdbutil, at a command prompt.
Use dsdbutil to perform an authoritative restore using one of the following commands:
restore database restore object dn restore subtree dn Authoritative Restore dsdbutil
Back Up Program
AD LDS