NetWorker:Active Directory GLR 无法还原已移动的对象的属性
Summary: 使用 NetWorker Module for Microsoft (NMM) 备份 Active Directory (AD) 对象。这称为粒度级备份和还原。 NMM 无法恢复已从其原始 AD 路径移动到新路径的对象的属性。
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
NetWorker Module for Microsoft (NMM) 备份 Active Directory (AD) 对象。这称为粒度级备份和还原。
当 NMM 无法恢复已从其原始 AD 路径移动到新路径的对象的属性时,会发生此问题。
路径是 Active Directory 中的可分辨名称 (DN)。
例如:
The restore of Active directory attributes of object "CN=UserNameX" is failing. The reason is because this object at the time of backup had a DN like "CN=UsernameX,OU=OU123,OU=Admin,DC=domain,DC=com" Some time after the backup completes, that same object is moved in AD to new path like "CN=UsernameX,OU=Decommissioned,DC=domain,DC=com" Message: >>>> the Object does not exist in the Active directory, so its attributes cannot be restored. please try to reanimate it. NOTE Since the object has not been deleted, it is not present in Deleted Items of Active Directory and cannot be reanimated.
Cause
NMM Active Directory 粒度备份和还原功能行为以及 Active Directory 限制会导致出现此问题。
NMM 可以恢复已备份的对象或对象的属性,但是存在一些限制。
Tombstone lifetime restriction—When an Active Directory object is deleted, the object is retained in a Deleted Objects container or tombstone. If you need the deleted object, you should recover the tombstone object instead of creating a new object because data, such as the Security Identifier (SID) and the Globally Unique Identifier (GUID), are stored with the tombstone object. This data is critical for additional data recoveries, such as reclaiming assigned group permissions. Objects in tombstone are deleted when they reach the tombstone lifetime age for the domain. The lifetime age is 180 days for Windows. After an object is deleted from the tombstone, it cannot be recovered. This is an Active Directory restriction. The tombstone lifetime is a configurable attribute of a Windows domain. Moved or renamed objects—If objects are moved or renamed, but not deleted from Active Directory, those objects cannot be restored even if they are successfully backed up. Those objects are not stored in the deleted storage database (tombstone) so they cannot be restored.
Resolution
要防止此问题,请执行以下作:
要从移动对象之前的早期备份还原,请执行以下作:
- 备份对象后,请勿将 Active Directory 对象移至 Active Directory 中的新路径。这会导致还原失败。
- 如果尚未执行 Windows 更新,请尽快安排更新。 这包括对 .Net Framework 的更新。
要从移动对象之前的早期备份还原,请执行以下作:
- 将 AD 中的当前对象移回原始位置。
- 然后测试该对象属性的恢复。
Article Properties
Article Number: 000312869
Article Type: Solution
Last Modified: 29 Apr 2025
Version: 1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.