U-Tools: Unique Tools for Windows System Administrators
U-Move Help

Warning: Expired Backup

Active Directory cannot be restored because the backup file's contents have expired.

When restoring a backup file, Active Directory generally requires that the backup file be no more than 180 days old. The limit is 60 days if the AD forest was originally created with Windows Server 2000.

The error can also happen if the clock on the source computer was set ahead of the clock on the destination computer. Windows will refuse to restore AD if the database contains timestamps that are in the future (ahead of the current time of day).

How to Fix This Error

Check the clocks on the source computer and on the destination computer. Make sure the clocks are consistent (within one hour).

Use a more recent backup that has not expired. Generally the backup must have been made within the past 180 days.

Overriding the Warning Message

If you override this warning message you may encounter problems with lingering objects in Active Directory.

It is safe to override the warning message when you are restoring an entire forest where the backups were all made around the same time (within the same 180 day window). It is also safe to override if there is only one DC for the whole forest (e.g., Small Business Server).

Resetting the DC Shared Secret

Each domain controller (DC) has a shared secret that it shares with the other domain controllers to establish a secure channel for inter-DC communication in order to replicate Active Directory changes between DCs.

If there are other domain controllers in the domain, you might need to reset the shared secret with the other domain controllers because it has expired. The symptom of a lapsed shared secret are replication errors with the error message Access denied or Failed to authenticate.

For more information see Resetting the DC Shared Secret.


How to override this warning