Solved

Replicating Domain Controllers and backups

Posted on 2007-03-30
3
195 Views
Last Modified: 2010-03-17
We are moving to a virtualised environment and have created a 3rd Domain Controller in our Domain.  If the existing domain controllers are being backed up, presumably I don't need to backup the 3rd DC do I?  (assuming that replication is working)

Of the 2 existing DCs, one has all of the FSMO roles including GC.
0
Comment
Question by:ddh76
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 18822154

Technically no you don't.

However, it would seem sensible to run a system state backup "just in case".

Chris
0
 
LVL 1

Author Comment

by:ddh76
ID: 18835165
So if we had to do a restore, would I just use the FSMO Master's backup and perform it authoritatively?
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 125 total points
ID: 18835302

Well it depends.

If you lose the master DC, and you have the others operating just fine I wouldn't bother with a restore at all, just clear out the dead DC using:

http://support.microsoft.com/default.aspx?scid=kb;en-us;216498

Then rebuild a new DC.

If you need to restore individual items then yes, you would boot into DS Restore Mode and perform an authoritative restore of the missing object.

Things do changes slightly if you're running Exchange on one of those DCs.

Whatever happens you should still maintain backups of the System State.

Chris
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question