A virus attack rendered our Domain controllers unavailable. Could not login with any account, tried a couple password reset tools to no avail. We ended up reformatting and reloading both servers, probably a best practice and gave us an opportunity to upgrade to 2008. Moving forward would like to redesign network and create two subnets, one for public use and one for staff use.
Trying to avoid another event bringing down the whole network consisting of around 70 machines. Having to go to every machine and readd them to the domain - very time consuming.
Does this sound like a good plan or are there better options?