How do I Backup Active Directory?

Backing up Active Directory is essential to maintain an Active Directory database. You can back up Active Directory by using the Graphical User Interface (GUI) and command-line tools that the Windows Server 2003 family provides.You frequently backup the system state data on domain controllers so that you can restore the most current data. By establishing a regular backup schedule, you have a better chance of recovering data when necessary.To ensure a good backup includes at least the system state data and contents of the system disk, you must be aware of the tombstone lifetime. By default, the tombstone is 60 days. Any backup older than 60 days is not a good backup. Plan to backup at least two domain controllers in each domain, one of at least one backup to enable an authoritative restore of the data when necessary.

System State Data
Several features in the windows server 2003 family make it easy to backup Active Directory. You can backup Active Directory while the server is online and other network function can continue to function.
System state data on a domain controller includes the following components:•
Active Directory system state data does not contain Active Directory unless the server, on which you are backing up the system state data, is a domain controller. Active Directory is present only on domain controllers. •
The SYSVOL shared folder:
This shared folder contains Group policy templates and logon scripts. The SYSVOL shared folder is present only on domain controllers. •
The Registry: This database repository contains information about the computer's configuration. • System startup files: Windows Server 2003 requires these files during its initial startup phase. They include the boot and system files that are under windows file protection and used by windows to load, configure, and run the operating system. •

The COM+ Class Registration database: The Class registration is a database of information about Component Services applications. •

The Certificate Services database: This database contains certificates that a server running Windows server 2003 uses to authenticate users. The Certificate Services database is present only if the server is operating as a certificate server. System state data contains most elements of a system's configuration, but it may not include all of the information that you require recovering data from a system failure. Therefore, be sure to backup all boot and system volumes, including the System State, when you back up your server.