shadow2007
asked on
Active directory DR
can someone give me a brief overview on which method of DR to use in what scenario ?
http://technet.microsoft.com/en-us/library/bb727048.aspx
it doesnt look very clear as to which option is right when performing DR (Non-authoritative vs authoritative ..and so on)
http://technet.microsoft.com/en-us/library/bb727048.aspx
it doesnt look very clear as to which option is right when performing DR (Non-authoritative vs authoritative ..and so on)
ASKER
ok this is the scenario
forest -> child
and if I were to rebuild the child DC from scratch
forest -> child
and if I were to rebuild the child DC from scratch
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
you dont ever do an authoritative restor unless you have no other option. this is a major operation and you should seek guidance from a microsoft support professional or field engineer.
You would normally do the above procedure to restore any deleted objects. However when it comes to DR with a DC I usually put a lag DC in place which will be 24hrs behind. If you do run into any issues with your live AD you know the changes has not yet replicated to the lag DC. The only issue with this is when it is replicated then its no longer behind.
One nice thing is that with the recycle bin in 2008 R2 an authoritative restore is almost never needed.
Not sure if you have seen this guide from Gil and Guido
http://www.gilkirkpatrick.com/Blog/file.axd?file=NetPro_ADDR_Guide.pdf
...probably the best DR I've read.
Thanks
Mike
Not sure if you have seen this guide from Gil and Guido
http://www.gilkirkpatrick.com/Blog/file.axd?file=NetPro_ADDR_Guide.pdf
...probably the best DR I've read.
Thanks
Mike
Basically.. If all the domain controllers are permanently gone you'll want the authoritative restore.