Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.
COURSE of the MONTH
8 days, 14 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Restoring Virtualized Win2k8 DC from backup
Posted on 2013-01-02
Ok, we are backing up our VM DC's every 2 hours.
Should we need to restore one from backup how long can AD be down for and will we experience problems should we restore from a 2hr backup? Will take a minute to restore.
and
Should we lose a DC and not be restored within hours or days what is required to restore the DC? I assume build a new VM and add as a DC and forcibly remove roles from AD?
Should we need to restore one from backup how long can AD be down for and will we experience problems should we restore from a 2hr backup? Will take a minute to restore.
and
Should we lose a DC and not be restored within hours or days what is required to restore the DC? I assume build a new VM and add as a DC and forcibly remove roles from AD?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
7
3
3- +2
16 Comments
You need to have at least 2 DCs then you don't have to worry about that. If one DC would go down then the other is serving AD services. Just remember that you cannot use restore from snapshot on your 2008 DC, the only allowed option is restore from "System State Backup" which requires new server to be installed and then you may restore it from System State
In case that yo have more than 1 DC in your network and one of DCs would die, then you may simply do metadata cleanup of that DC and that's all
Regards,
Krzysztof
In case that yo have more than 1 DC in your network and one of DCs would die, then you may simply do metadata cleanup of that DC and that's all
Regards,
Krzysztof
Active today
AD DCs used to be 60 days before tombstone, and it would not replicate, it's now 180 days by default.
build a new VM, promote to a DC (dcpromo), depending upon which has failed, sieze the FSMO roles, and remove the old DC from AD.
build a new VM, promote to a DC (dcpromo), depending upon which has failed, sieze the FSMO roles, and remove the old DC from AD.
Active 6 days ago
We have 2x DC's at Site A and 2x at Site B (over a VPN).
So no need to backup then? Using acronis... Not sure what you mean by system state..
So no need to backup then? Using acronis... Not sure what you mean by system state..
You should have at least 2 DCs per Site for more security. If your replication does not work over VPN you would face AD DB missing updates. Mostly inter-site replication (remote locations - different sites) issues face domain environments than intra-site replication (local sites)
Krzysztof
Krzysztof
Personally I dont back up DC's at all now. A restore of an AD VM is more hastle than its worth and can cause issues.
So long as you have multiple DC's, Shoot yourself if you dont, AND you restrict DC's to being just that, no additional applications running on them, no file stores on them, just plain simple AD and DNS/DHCP services.
Now should you lose a DC you just create a new one and as everyone else says, force any FSMO roles that your old one had and meta data clean up to get rid of old one.
A thing to consider is splitting your DHCP role amongst multiple servers and splitting your scopes between them for redundancy. You dont want to lose the only DC on a site with DHCP on it do you!?
So long as you have multiple DC's, Shoot yourself if you dont, AND you restrict DC's to being just that, no additional applications running on them, no file stores on them, just plain simple AD and DNS/DHCP services.
Now should you lose a DC you just create a new one and as everyone else says, force any FSMO roles that your old one had and meta data clean up to get rid of old one.
A thing to consider is splitting your DHCP role amongst multiple servers and splitting your scopes between them for redundancy. You dont want to lose the only DC on a site with DHCP on it do you!?
Active 6 days ago
in case?
If it blue screens or someone deletes the VM, then restoring it a few hours later will be ok then?
If it blue screens or someone deletes the VM, then restoring it a few hours later will be ok then?
Active today
You need to understand things here
If you restore the DC from image or snapshots then you may face USN rollback issue
To know more on USN rollback follow http://utools.com/help/UsnRollback.asp
It is allways a wise decision and standard practice to have minimum 2 DC's in Domain at a site
I would also prefer to have backup of system state too...It does not cost you anything than some disk space
If you have two DC's and one goes down you can start 2nd DC in 30 Mins thats't too without disrupting services
If you restore the DC from image or snapshots then you may face USN rollback issue
To know more on USN rollback follow http://utools.com/help/UsnRollback.asp
It is allways a wise decision and standard practice to have minimum 2 DC's in Domain at a site
I would also prefer to have backup of system state too...It does not cost you anything than some disk space
If you have two DC's and one goes down you can start 2nd DC in 30 Mins thats't too without disrupting services
Active 6 days ago
What triggers the event ids and issues with AD? The amount of time? The amount of changes made within the database(s)? Replication?
Not sure what you mean: If you have two DC's and one goes down you can start 2nd DC in 30 Mins thats't too without disrupting services
Not sure what you mean: If you have two DC's and one goes down you can start 2nd DC in 30 Mins thats't too without disrupting services
Active today
I mean you have 2 DC's in same domain and at same site assuming that you have put IP of both DC's in client DNS search order
and your DC1 crashes then all login/authentication and group policies request will be processed by DC2
in meantime you can format the crashed DC and promote that as a new DC ..with clean installation ...
and your DC1 crashes then all login/authentication and group policies request will be processed by DC2
in meantime you can format the crashed DC and promote that as a new DC ..with clean installation ...
Active 6 days ago
So consensus is to back them up but in real world you wouldn't restore them, ever. If failure occurs, build new DC, seize/transfer roles and clear old metadata from AD of failed DC?
Active today
Yes but the backup is taken incase you have any rarest of the rare event when both of your DC's are down
Featured Post
This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video.
We have explained the difference between…
Suggested Courses
Course of the Month8 days, 14 hours left to enroll
764 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.