Jorge with whom I had discussion which lead to this post is travelling somewhere in the States (hope you have great time Jorge), and I'm also traveling to my parents for eastern and I have some time to spent so maybe I will describe some problem, and resolution. Using image as backup method for domain controllers may not be the best idea in generall, but sometimes it is needed – for example when You are in Virtual environemnt. Restoring image of DC may cause USN rollback situation to occure (if You are not familiar with USN rollback – stay tuned to DirTeam.com blogs :), I think You may find good description of this problem soon here), which may lead to replication problems and other not desired effects. How to deal with it then, for example when You have virtual environment and You want to bring back to it old DC using copy of its VHD backed up somewhere.
procedure to achive this is simple and is described in offical Microsoft white paper. In short words, using registry entry we are forcing DC to perform backup and restoration directly after start for the first time after restoration time. This changes Invocation ID for DC database, and prevents from USN rollback problem to occur. You will find this in Running Domain Controllers in Virtual Server 2005 whitepaper. Jorge (credits here 🙂 ) pointed me that this procedure has one flaw – what it is missing is need to perform also procedure of restoration for SYSVOL with BurFlags D2 or D4 value depends on the case (detailed explanation of SYSVOL rebuild options can be found in KB 290762).
I hope this will finally be updated someday, till then .. let's give a chance for search engines to serve this blog entry for someone.