In the previous article we looked at the operations and processes regarding backup and recovery of AD DS information, namely the AD DS database and its objects. In this article we will be looking at the backup options for some of Active Directory’s other modules such as Active Directory Certificate Services (AD CS). Your Active Directory monitoring solution should be tracking events for AD CS to ensure the information is backing up successfully.
Azure & Active Directory Center
ENow Software's Azure & Active Directory blog built by Microsoft MVPs for IT/Sys Admins.
Jonathan is an Information Technology consultant and instructor that specializes in migrations, security audits, new Microsoft technology implementations, and support contracts for Microsoft technologies. Jonathan also has expertise in Office 365 Services including, but not limited to, Azure Active Directory, Exchange Online, Skype for Business/Teams, SharePoint Online/OneDrive, Microsoft Azure/Office 365 Security and Compliance features including alerts, permissions, information classification, data loss prevention, information governance, threat management, data privacy, and reporting.
In Part 2 of this series, we'll discuss backup and recovery options for Active Directory Domain Services (AD DS) as a critical component of Active Directory Monitoring. AD DS stores information about the objects on your networks such as user accounts, passwords, user information such as phone numbers, addresses, etc. This information allows users to be authorized on your network to access information. Every organization, large or small, should be backing up this information to restore in the event of any loss of data. This article will cover Windows Backup technologies, tools, and processes for keeping this data intact for restore.
This is a 5-part series discussing how to backup and restore objects for Active Directory modules in Windows Server which is a critical component of Active Directory Monitoring for any organization.
It is always recommended to utilize Active Directory monitoring to help you maintain a healthy authentication and authorization infrastructure. The Windows Time service is a critical component in being able to authenticate users that are using the Kerberos V5 services used by Active Directory. However, some questions usually come up as to how the Windows Time service works and what information should you be looking for when your AD monitoring system finds issues.
In the previous blog article “The Active Directory Time Service – Part 1: AD Monitoring basics of W32time”, we discussed how Network Time Protocol (NTP) and the Windows Time Service work within Active Directory and why they are critical components of Active Directory Monitoring. In this next part, we will learn about how to configure NTP time sync both manually and by using Group Policy. Before we go and make any changes, we need to check the current settings.
Want to learn more about Active Directory?
Active Directory Administration Cookbook, 2nd Edition
In this book, Microsoft MVP & Technical Editor of ENow's Azure & Active Directory Center, Sander Berkouwer will share the intricacies of managing Azure AD, Azure AD Connect as well as Active Directory for administration in the cloud and on Windows Server 2022.