Recovering on premises Server 2016 Domain Controller


I have (had) a single on premises domain controller built on Server 2016. The server was backed up to the Azure Recovery Services Vault. The on premises domain controller was the primary domain controller for my domain. 

The server has been rebuilt, but I have not yet joined it back to the domain as I am uncertain exactly what steps need to be taken to restore this and maintain the integrity of the existing AD. I have looked around online, but I have not been successful in finding a definitive guide to completing this restore operation.

Can anyone please point me to an appropriate documentation set to guide me through this process?

I am also open to the thought that perhaps this is an opportune time to migrate my AD control to an Azure VM and would be interested in thoughts on taking this approach.

I thank you all in advance for your kind assistance.

4 Replies

Is it a virtual server?
As you have lost your only DC, exactly what domain are you referring to when you say join it back to?

This link covers all recovery scenarios: https://technet.microsoft.com/en-us/library/cc535164.aspx?f=255&MSPPError=-2147217396

Regarding the Azure VM approach, I would still suggest 2 DCs.

But you could have 1 on-prem and 1 in Azure over VPN.

Once you recover your current DC, you can start a new VM in Azure and promote it to a DC. Remember to define sites in your topology.

Thanks for the reply Kent. The failed server is a physical on premises domain server. It was used as the basis for building the rest of the domain. It has been backed up to the Azure environment but is the only AD domain server.

I had a look at the link you sent. It appears that this document refers to Server 2003. As the server is a 2016 server operating in an Azure infrastructure, I would have thought there would be a recovery mechanism based on modern AD constructs and drawing on the data stored in Azure. Am I incorrect in this assumption and the approach as outlined in your document still stands?

The basics of AD restore have not really changed; it's unfortunate that it's a physical server.
How was the server backed up, direct agent or through DPM? More info would help explain what restore options you have.

If you just used the MARS agent and backed up the system state, then you reinstall the server and then the agent, then restore the system state. The problem here is that you have to ensure that Windows has the same update level as before or you will encounter problems.

If you used DPM or protected in such a manner that you could restore it as a VM, I would deploy the Hyper-V role to your server and restore the entire DC.
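
The update-level check that the MARS agent route above depends on, as an added example that is not part of the original thread: it compares the rebuilt server's installed updates with a recorded baseline and only then lists the recovered system state versions. The baseline file, its path, and the `E:` backup volume are assumptions for illustration.

```powershell
# Added example, not from the thread. The baseline file and both paths are assumptions.
param(
    # Hypothetical file: one KB id per line, taken from patch records kept before the failure.
    [string]$BaselinePath = 'C:\Restore\baseline-kbs.txt',
    # Hypothetical volume where the MARS agent recovered the WindowsImageBackup folder.
    [string]$BackupTarget = 'E:'
)

# OS build and update revision (UBR) of the rebuilt server, for the restore record.
$cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
'Rebuilt server build: {0}.{1}' -f $cv.CurrentBuild, $cv.UBR

# Updates installed now versus the recorded baseline.
$installed = @(Get-HotFix | Select-Object -ExpandProperty HotFixID | Sort-Object -Unique)
$baseline  = @(Get-Content $BaselinePath | ForEach-Object { $_.Trim().ToUpper() } |
               Where-Object { $_ -match '^KB\d+$' } | Sort-Object -Unique)

if ($baseline.Count -eq 0) {
    throw "No KB ids found in $BaselinePath; cannot verify the update level."
}
if ($installed.Count -eq 0) {
    throw 'Get-HotFix returned no updates; the rebuilt server is not patched to the baseline.'
}

$diff = Compare-Object -ReferenceObject $baseline -DifferenceObject $installed
if ($diff) {
    # '<=' means in the baseline only (missing here); '=>' means installed here only.
    $diff | Format-Table InputObject, SideIndicator -AutoSize
    throw 'Update level differs from the baseline; align patches before restoring system state.'
}
'Update level matches the baseline.'

# On a domain controller the system state is applied from Directory Services Restore Mode:
#   bcdedit /set safeboot dsrepair    (reboot into DSRM)
#   bcdedit /deletevalue safeboot     (after the restore, return to normal boot)
# List the recovered backup versions, then apply the chosen one by hand:
wbadmin get versions "-backupTarget:$BackupTarget"
#   wbadmin start systemstaterecovery -version:<version id from the list> -backupTarget:E:
```

`Get-HotFix` reports only updates registered as quick-fix engineering entries, so the build and UBR line is worth recording alongside the KB comparison.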