Windows System State Backup
Back up and restore critical Windows Server components: Active Directory, registry, boot files, and more.
What Is System State?
Windows System State is a collection of critical operating system components that define the server's identity and configuration. A System State backup captures these components as a consistent set, allowing you to recover server configuration without performing a full bare-metal restore.
- •Registry: All system and user registry hives.
- •Boot files: Boot Configuration Data (BCD) and essential boot files.
- •Active Directory (on Domain Controllers): The AD database (NTDS.DIT), SYSVOL, and Group Policy objects.
- •Certificate Services database (if the CA role is installed).
- •Cluster service information (if the server is part of a failover cluster).
- •IIS metabase (if the Web Server role is installed).
- •COM+ Class Registration Database.
Setting Up a System State Backup
Use the System State backup wizard in the desktop agent to create a backup set. The wizard walks you through the backup configuration, destination selection, and scheduling.
- •Step 1: Components — Review the components that will be captured: registry, boot files, Active Directory (on domain controllers), and other system role databases. All components are captured atomically — you cannot cherry-pick individual items.
- •Step 2: Destination — Choose where backups are sent: iDrive e2 (cloud) or local NAS/network share.
- •Step 3: Schedule — Set when backups run. Daily is strongly recommended for domain controllers; weekly for member servers.
- •Step 4: Review — Verify your choices and click Create Backup Set.
ℹ Note
System State backup and in-place restore are both production-ready as of v1.3.3. Restore reassembles the WindowsImageBackup tree from chunks and invokes
wbadmin start systemstaterecovery on the local host. Manifests captured on a domain controller include the full Active Directory database — restore prompts with a DSRM warning before continuing and requires a reboot when AD components are present.Configuring System State Backup
System State backup is available in the System State tab of the desktop agent on Windows Server machines. It uses the Windows Server Backup (wbadmin) infrastructure under the hood.
- •Open the desktop agent on a Windows Server machine.
- •Navigate to the System State tab (visible only on Windows Server editions).
- •Click the System State backup card to launch the wizard.
- •Choose a schedule. Daily is recommended for domain controllers.
- •BackupEngine captures the System State via the Windows VSS writers and uploads it like any other backup set.
System State backup via CLI
# Run a System State backup backupengine system-state backup # Schedule daily System State backups backupengine system-state schedule --type daily --time 03:00 # List available System State restore points backupengine system-state list-points
ℹ Note
System State backups on domain controllers include the full Active Directory database. These backups can be large (several GB) but are deduplicated efficiently because the AD database changes incrementally.
Restoring System State
System State restore is typically performed when the server's configuration has been corrupted, after a failed update, or when recovering Active Directory objects.
- •Authoritative restore (Active Directory): Restores AD objects and marks them as authoritative so they replicate to other domain controllers. Used to recover deleted OUs, users, or group policies.
- •Non-authoritative restore: Restores the system state and allows the server to replicate with other domain controllers to receive the latest changes. Used after hardware failure or OS corruption.
- •Registry-only restore: Restore only the registry hives without affecting other system state components.
Restore System State via CLI
# Non-authoritative System State restore backupengine system-state restore \ --point-in-time "2025-12-15T03:00:00Z" # Authoritative AD restore (requires DSRM boot) backupengine system-state restore \ --point-in-time "2025-12-15T03:00:00Z" \ --authoritative \ --ad-subtree "OU=Sales,DC=company,DC=com"
⚠ Warning
System State restore on a domain controller requires booting into Directory Services Restore Mode (DSRM). An authoritative restore will override changes on other domain controllers for the restored objects. Plan carefully and test in a non-production environment first.
Best Practices
- •Back up System State daily on all domain controllers.
- •Keep at least 14 days of System State restore points for AD tombstone recovery.
- •Test System State restore in a lab environment at least once per quarter.
- •Combine System State backups with BMR backups for complete server protection.
- •Monitor System State backup size over time — sudden increases may indicate issues.