Backup Active Directory database
You must perform a System State backup; Active Directory is included in the System State.
To restore it, start your system, press F8 and choose Active Directory Restore mode.
Tombstones have a default expiry time of 60 days. After this time, Active Directory permanently removes all trace of the object and completes the deletion by replicating the final state change.
The default value for the tombstone lifetime entry is 60 days. This value can be set on the Directory Service (NTDS) config object:
CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=COMPANY,DC=COM
After SP1, the tombstone lifetime is set to 180 days.
To change the tombstone lifetime, use ADSIEdit.msc.
Windows Server 2003 and Windows 2000 do not allow old backup images to be restored into a replicated enterprise (one in which one or more domain controllers are running). An old backup image here is one that is more than 180 days old.
If every DC in the domain is destroyed in a single domain controller forest or in a single domain that contains multiple domain controllers, you can restore the DC from the outdated backup (more than 180 days). However, you cannot restore the DC from the outdated system state in a multi-domain forest.
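The check below is an added example, not part of the original page: it reads tombstoneLifetime from the Directory Service config object and flags backups older than that value. The function names and the sample backup dates are made up for illustration, and it assumes a domain-joined machine with PowerShell 3.0 or later.

```powershell
# Added example; the function names are hypothetical, not from the original page.
function Get-TombstoneLifetimeDays {
    # RootDSE supplies the configuration naming context, so the DC=... suffix
    # of the Directory Service DN does not have to be typed by hand.
    $rootDse  = [ADSI]'LDAP://RootDSE'
    $configNC = $rootDse.psbase.Properties['configurationNamingContext'].Value
    $dsConfig = [ADSI]"LDAP://CN=Directory Service,CN=Windows NT,CN=Services,$configNC"

    $value = $dsConfig.psbase.Properties['tombstoneLifetime'].Value
    if ($null -eq $value) {
        return 60   # attribute not set: the 60-day default applies
    }
    return [int]$value
}

function Test-BackupWithinTombstoneLifetime {
    param(
        [Parameter(Mandatory = $true)][datetime]$BackupDate,
        [Parameter(Mandatory = $true)][int]$TombstoneLifetimeDays
    )
    # Whole days elapsed since the backup was taken.
    $ageDays = [int][math]::Floor(((Get-Date) - $BackupDate).TotalDays)
    [pscustomobject]@{
        BackupDate            = $BackupDate.ToString('yyyy-MM-dd')
        AgeDays               = $ageDays
        TombstoneLifetimeDays = $TombstoneLifetimeDays
        # A backup older than the tombstone lifetime is the "outdated" image
        # that cannot be restored while other DCs are still replicating.
        WithinLifetime        = ($ageDays -le $TombstoneLifetimeDays)
    }
}

$ttl = Get-TombstoneLifetimeDays
# Constructed sample dates standing in for real System State backup times.
$sampleBackups = @((Get-Date).AddDays(-30), (Get-Date).AddDays(-200))
foreach ($backup in $sampleBackups) {
    Test-BackupWithinTombstoneLifetime -BackupDate $backup -TombstoneLifetimeDays $ttl
}
```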
Global Catalog Server
Each site must have at least one Global Catalog Server.
Investigating your network for GC
Method one:
NSLOOKUP gc._msdcs.<ROOT DOMAIN>
C:\Documents and Settings\Administrator>NSLOOKUP gc._msdcs.east.com
Server: ex64.east.com
Address: 192.168.2.20
Name: gc._msdcs.east.com
Addresses: 192.168.2.20, 192.168.2.100
Method two:
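# Get the forest the current machine belongs to
$Forest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
# Enumerate every Global Catalog server in that forest and print its name
$GClist = $Forest.FindAllGlobalCatalogs()
ForEach ($GC in $GClist) { $GC.Name }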
This method is accurate.