Automating The Creation Of Active Directory Snapshots
you've learned that the NTDSUTIL command is nested. Therefore, you can enter the entire sequence of commands in one long line, and put that into a batch file or script, then configure that batch or script to run at a specific time by using Task Scheduler.
- Create a new batch file with the following lines:
- Check to see if the script works by manually running it once. You need to run is after logging in as a member of the Domain Admins group to one of your Windows Server 2008 Domain Controllers.
- Open Task Scheduler from the Administrative Tools folder, or from Server Manager > Configuration.
- On the left node, right-click Task Scheduler (Local) and choose Create Basic Task.
- In the Create Basic Task window, give the new task a name and description. I used "Create AD snapshot". Click on the Next button.
- In Task Trigger window, select the appropriate schedule for the task to run. I used Weekly. Click on the Next button.
- In Weekly window, select the appropriate schedule for the task to run. I used Friday at 8:00PM. Click on the Next button.
- In Action window, select Start a Program. Click on the Next button.
- In Start a Program window, browse to the batch file you've created. Click on the Next button.
- In Summary window, browse to the batch file you've created. Click on the Finish button.
- Back in the Task Scheduler console, in the Task Scheduler Library area, check to see if the task was properly configured.
- Double-click on the task and take a look at the General tab. By default, the task is configured to only run when a user is currently logged on to that computer. Being a Domain Controller, it's most likely that that will not happen that often. We want to configure the task to run even when no user is logged on, and we will do this by supplying a user name and password for the task to run as. Click on the "Run whether user is logged on or not" checkbox. Then click on the "Change User or Group" button.
- In the Select User or Group window, enter the name of the user that the task will run as. You can use the Administrator's account, but it's better if you create a special account for such scripts. I used the Administrator's default account for the purpose of this article. Click Ok.
- Enter the password for the account you chose, then click Ok.
- To check if the task runs correctly, you can right-click on it and select Run. You can then look at the current snapshots to see if a new one has been created.
@echo off ntdsutil snapshot "activate instance ntds" create quit quit exitSave the file as "ad-snapshot.bat" or similar, and place it in a location of your choice. I used C:'Scripts.