Can I restore my Active Directory in Windows Azure?

It seems like I get loads of questions about Windows Azure and the IAAS offering we’re running these days. The last one is about how to get into DSRM (Directory Services Restore Mode), if you’ve been running your AD for a while you remember the old F8 trick during boot but in Windows Azure there’s only RDP access, so no pressing F8 then… Well, there’s a solution for everything and our engineers thought of this too, long before Windows Azure.

One big prereq for this to work out. You must have set your DSRM password to something you remember 😉

Two ways of doing this:

1) Sync with the domain administrator password: http://technet.microsoft.com/en-us/library/jj713556.aspx

2) Set it manually: http://technet.microsoft.com/en-us/library/cc754363.aspx#BKMK_examples

Once that’s done you just use bcdedit to boot into DSRM the next boot, open up CMD and type:

1) bcdedit /set safeboot dsrepair
2) shutdown –r –t 0

Once it has rebooted you can logon to your server by using “hostnameadministrator” with your DSRM password.

When you’re done restoring your AD you’ll need to make sure it boots back to normal. Open up CMD and type:

bcdedit /deletevalue {current} safeboot

On the next boot it’ll boot into Windows normally and you’re hopefully all back to normal operations!

One thought on “Can I restore my Active Directory in Windows Azure?”

  1. Hi,
    can you please confirm what do you mean by below lines.
    Once it has rebooted you can logon to your server by using “hostnameadministrator” with your DSRM password.

    i did the above steps on one of the DC now what credentials i need to use and in which format.

    i am getting autheticatioin failure when i try to login using format domainname\domainadmin and DSRM credentials

    Regards.
    Preet

Leave a Reply

Your email address will not be published. Required fields are marked *