Restoring Active Directory to Dissimilar Hardware

Posted on 2011-10-05
Last Modified: 2012-09-14
I am trying to get a working procedure for quick recovery of a windows server 2003 domain controller to other hardware for disaster recovery purposes using imaging. The point I am stuck at is restoring the system state and getting replication working correctly.

Further info:
I've been testing using Acronis imaging software to take an image of the live server system disk and putting this image on the test server - this works well and boots without any issues due to the hardware being the same make and model as the live box.

My next step was to setup another test server with an image from our second site so I end up with a lab setup which replicates the live setup - two domain controllers replicating AD to each other and correctly in sync.

If I then take an image of test server 1 and also backup the system state, then make AD changes and let them replicate, I can successfully restore test server 1 using the test server 1 image and boot into directory services restore mode and restore the system state from the test server 1 backup (non-authoritative) - boot normally and the test servers happily start replicating correctly and AD changes made after the test image are pushed over from test server 2 to test server 1.

If I start the test again putting a live image onto test server 1 and restore a backup of system state in DSRM taken from the live server, replication does not work - repadmin /showrepl gives me "error 8456 (0x2108) :Can't retrieve message string 8456 (0x2108), error 1815".

This article tells me "It is possible to restore Active Directory to a computer other than the original computer, both computers must have the same number of disk drives. Also, if the replacement domain controller has a different video adapter or multiple network adapters, uninstall them before you restore data. When you restart the computer; Plug and Play functionality makes the appropriate updates."

What I'm unsure about is what is meant by "the same number of disk drives", does this mean physical or virtual - my live server has raid 1 (two disks) for the system disk which I image onto test server raid 1 (also two disks). Both server also have another drive D: but this is raid 5 (three disks) on the live server and raid 1 (two disks) on the test server. Also, the live server is hosting some iSCSI disks (SAN) which were not connected when performing the tests.

The test server does have "multiple network adapters" but the same number and models as the live server, although all adapters do lose their settings after the image restore from live to test.

I know I could use dcpromo after restoring the test server, but I used this method before and ran into quite a few issues due to the server also being CA, SQL Sharepoint etc (2 hours on phone with MS).

Seems I'm not far off a working procedure - Any help with this would be appreciated.

Question by:DAVEBE
    LVL 3

    Expert Comment


    Why don't you migrate your original DC to a Hyper-v platform.
    Then you don't have any limitation related to HW when you need to restore.
    Just get a new server install hyper-v and import the most up to date VHD you have backed up...

    Author Comment

    Hi Rediers
    Yes, virtualising the DC is one option I've been thinking of, but in my situation it would have to be in addition to the existing server due to the other roles/functions it is performing - so I  would be moving just the DC function off my existing server to a VM which would also mean I have less eggs in one basket. My concern here is cost though.
    Thanks for the comment.
    LVL 3

    Assisted Solution

    Why would you need to split out the other functions.
    Virtualisation no longer has a high overhead. It might need a bit more RAM.
    So if the server is now able to run fine on the hardware it will also run fine in a virtual environment.
    Unless you really have software or roles/functions that cannot run in a virtual environment.

    And Hyper-V is free...

    You take your test box... put Hyper-v on it.
    THen migrate the operational server to Hyper-v...
    While it's running there you put hyper-v on the original machine.
    And when you have that running... you migrate the virtual server over to your original machine.

    And all you need for disaster recovery is a new machine which runs hyper-v and a copy of the vhd and the config file.

    you can even convert the data disks to VHD or keep them connecting to phisical disks...

    So from a cost perspective i don't see an issue.

    Author Comment

    My main reasoning behind splitting the functions is that it would be less trouble in the future if my DC is not also running certificate authority (which has to be removed for dcpromo), SQL server, file server, IIS, exchange server. In this case I would have the cost of server licensing.

    Also I already have a VM host running some virtual servers so was thinking about using that to transfer the existing DC to but was concerned about transferring the additional workload over and having the issue of having to add more network adapters for the iscsi connections to my SAN. I understand what your saying about utilizing my existing test/DR server for a new VM but then I would have to buy a new one to replace it.

    Author Comment

    Any help on this issue would be greatly appreciated.
    LVL 14

    Expert Comment

    Did you try Universal Restore feature of Acronis.
    Its exactly what you are looking for. Universal restore helps you restoring the image of a server to any workstation and it works perfectly fine. I have testing restoring image of a windows server 200 with oracle to a regular workstation and it worked :)

    Author Comment

    Thanks for the comment
    The image restores fine as it's the same make and model. It's after the system state is restored from the live server to the restored image on the standby server that I have issues with replication (see original question).
    LVL 1

    Accepted Solution

    Did you get this answered?  I think you are seeing the effects of a USN rollback. Check out this technet article:  Also try looking over for information relating to the error you are receiving. The problem you are getting is that the info in the image's AD database is marked with outdated USNs, and therefore causing a conflict with the DC you are attempting to replicate from.

    As to the drive question, it is the physical number of drives that the article is talking about.

    Author Comment

    I gave up on this due to lack of time, but I was using a restore procedure which avoids the USN rollback issue - this procedure works when restoring to the same server ( I can successfully restore from an image a few weeks old and get replication working correctly), it was when I was restoring to non-identical hardware that I ran into the issue.

    Thanks for the info on the drives, the number of drives that make up the system disk (the disk image being restored) is identical, but the total number of drives on the server is not identical to the original, maybe that is my problem.
    LVL 1

    Expert Comment

    OK, well if you have further questions please feel free to ask.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Mapping Drives using Group policy preferences Are you still using old scripts to map your network drives if so this article will show you how to get away for old scripts and move toward Group Policy Preference for mapping them. First things f…
    A quick step-by-step overview of installing and configuring Carbonite Server Backup.
    In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
    In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…

    730 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now