Solved

Bringing up Active Directory and Servers in DR site?

Posted on 2011-02-17
6
653 Views
Last Modified: 2012-05-11
Looking for thoughts and best practice for replicating and dealing with restoring an environment after disaster strikes.  We have a DR facility with a high bandwidth pipe.  Replicating AD to this site would not be difficult, but what happens when your primary site evaporates into thin air and you need to bring up the same server infrastructure at DR?  We have the ability to Snap mirror (replicate) data in near realtime via SAN and we are heavily virtualized.  What I'm struggling with is the naming and IP addressing of the identical servers at DR.  I'd be interested to hear how others are tackling this issue?  Assuming that in the event of Primary site failure, the DR site must quickly assume all critical server roles, names and IP addresses.

Thanks!    
0
Comment
Question by:dkraut
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 27

Expert Comment

by:KenMcF
ID: 34921009
Just install another DC at your DR site with DNS and make it a GC. Do not use imageing or snapshots. Make sure you setup your DR site as a seperate AD site with the proper subnets.
Some companies configure there DR sites as lag sites and only replicate during certian hours or days of the week.
0
 
LVL 121
ID: 34921034
if you've got NetApp Filers at both sites and you are heavily virtualised this is easy.

At the DR site, Break the Snap Mirror to the LUNs containing your Snapshots of the LUNs which contain your servers present these LUNs to your ESX servers at your DR site (ESX will see them as snap LUNs).

Rescan the hbas and vmfs, the LUNs should appear, browse the datastores add the VMs to the inventory.

Power On VMs.

Now, this assume's one thing, and we've spoken to our Networking Team, and they have carried over ALL or production VLANs to the DR site, ready for the day, when we have to move there.

0
 
LVL 5

Expert Comment

by:alreadyinuse
ID: 34921624
If you are wanting an identical setup with names, ip addresses, dhcp etc then why don't you isolate the environment until needed. Put a firewall in the frontend and deny communications until needed. Provide seperate external access if needed using a VPN connection into the isolation DR site for testing etc.
0
 

Author Comment

by:dkraut
ID: 34926409
So setting up a new site with DC's at the DR facility seems like a logical approach to handling AD.  What about Stretch/Geo clustering for critical app servers?  Anyone have any experience with this?  
0
 

Accepted Solution

by:
ee_auto earned 0 total points
ID: 37398719
Question PAQ'd and stored in the solution database.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question