U-Tools: Unique Tools for Windows System Administrators

Active Directory Snapshots on Windows Server 2008

Q: I can create snapshots of AD on Windows Server 2008 (or later), so why do I need to use U-Move?

A: NTDSUTIL can be used to create a read-only snapshot of Active Directory that can be inspected offline. However, all passwords and secrets are stripped from the snapshot. This includes all user passwords, machine passwords, domain-trust secrets, EFS file encryption keys, and certificate authority (CA) keys.

Because the snapshot is incomplete it cannot be used to restore AD. (If you attempt to restore AD using the snapshot the server will not boot.)

U-Move creates a daily scheduled snapshot of Active Directory that is identical to the original database. This means that the snapshot can be restored in the event of a disaster. Only U-Move can create true snapshots, giving you complete disaster recovery capability.

U-Move Frequently Asked Questions