Non-Authoritative Restore:

1. General System Recovery:
   • Use non-authoritative restore when you need to recover the entire domain controller or a large portion of the Active Directory to a previous state.
   • This method is suitable for scenarios where widespread data corruption or deletion has occurred, and you need to revert the domain controller to a known good state.
2. Data Corruption or Deletion:
   • When data corruption or deletion affects a significant portion of the Active Directory, performing a non-authoritative restore can help reset the directory to a functional state.
3. Less Disruptive Recovery:
   • Non-authoritative restore is generally less disruptive as it relies on the standard replication process to bring the restored domain controller’s data up-to-date with changes made on other domain controllers.

Authoritative Restore:

1. Specific Data Recovery:
   • Use authoritative restore when you need to recover specific objects or attributes within the Active Directory that have been accidentally deleted or corrupted.
   • This method is appropriate for scenarios where individual objects or attributes need to be reinstated with certainty and authority.
2. Preventing Data Loss:
   • Authoritative restore ensures that the restored data is considered authoritative and will overwrite any conflicting changes made on other domain controllers after the backup was taken.
   • It’s essential for preventing data loss and ensuring the integrity of critical directory information.
3. Granular Recovery:
   • When only specific data needs to be recovered rather than the entire domain controller, authoritative restore allows for granular recovery by focusing on the specific objects or attributes in question.