Authoritive\Non-Authoritive restores

ivlatt

Hi
Recently started studying for 290 and all seems to be going well, feeling confident so far.
On Transcender I noticed this question keeps popping up and I don't really have any understanding of the difference between the 2 (limited 2003 experience) and I feel the Transcender explanation doesn't help either.
If someone could ellaborate on both, it'd be much appreciated.
Cheers

aordal

Authoritative basically means that once you restore some information to a domain controller that information is going to be replicated to all the other DCs exactly that way. It's useful if a bunch of information is mistakingly deleted and you don't notice it until its been replicated.


Non-authoritative is *mostly* useless. It's useful for restoring a crashed DC that is on a remote site that has a slow link to other DCs and is the only DC there. It puts all the information from the restore onto the DC but any newer information from other DC updates what you already have.

94jedi

^ so the non-authoritative restore is usefull for simply getting a DC (single box at a remote site) back up, then letting the main DC's overwrite the old info via replication after the fact?

Psoasman

They both have different uses. An authoritative restore will bring the DC back to the point of when you created the backup and any changes since the backup will be overwritten.

If you accidentally deleted a user in an OU, you could do a nonauthoritative restore and use ntdsutil to mark that user account as authoritive. That way, the deleted object is restored and replicated out to other DCs.

Nonauthoritative restores are normally used when the DC has a failed HDD, hardware issues, software problems.

This is material from the 294 exam, I don't recall any questions about this on the exam.

mrmcmint

Authoritative=will overwrite when replication takes place (increments pvn)