copied the database back to the original DC

[Radanca]

Hello, how to copy the ntds.dit file to the original dc after having been modified ?

[MichaelGrafnetter]

Hello @Radanca , I can only give you one advice: "Please, do not perform such operation." You could break the entire AD forest, if you do not know exactly what you are doing (and sometimes even if you do).

[Radanca]

Hello @MichaelGrafnetter , We have a recovery lab where we restore Windows Backup backups of our production DCs. It is in this lab that I run a passwords audit with DSInternals. I restore the ntds.dit file from the backup and execute the Get-ADDBAccount and Test-PasswordQuality commands in offline mode. Everything works superbly. We have a forest made up of 9 domains, only 1 of these domains contains user accounts. This is where I audit passwords. Every day, I would like to replace the lab's ntds.dit file with the production one. I don't want to restore System State because it overwrites too much information like Inter-site connectors. I only want to restore the AD of the users domain. This way the lab AD will be identical to the production one with a delay of a few hours. And I could run the Get-ADReplAccount command and other pentest tools in online mode. To summarize, here is my question: how to overwrite the ntds.dit file on the lab DC without using the DSRM mode ?