dqnet
asked on
Domain Controller VHD
Hi experts,
Really quick question I believe.
I have a domain controller virtualized and I was wondering as I do full system backups from within the VM (guest) if I wanted to restore the domain controller do I just create a new vm, insert the 2008 cd, click repair, point to the image and click ok to the restore? Ultimately do I need to set the restore flag in dsrm after the restart or can I go straight into windows without entering safe mode and the other domain controller will automatically pick up the new domain controller and replicate to it?
I've read so many articles and all are so overly complicated.
Thanks!
Really quick question I believe.
I have a domain controller virtualized and I was wondering as I do full system backups from within the VM (guest) if I wanted to restore the domain controller do I just create a new vm, insert the 2008 cd, click repair, point to the image and click ok to the restore? Ultimately do I need to set the restore flag in dsrm after the restart or can I go straight into windows without entering safe mode and the other domain controller will automatically pick up the new domain controller and replicate to it?
I've read so many articles and all are so overly complicated.
Thanks!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes, that would be MUCH faster, but you will risk corrupting your domain, because it is likely that any changes made in the domain after the last backup, but before the crash, will have been assumed to already be replicated to the DC (because they were) but now you're putting an old DC image back, with old data. That's why the recommendation is to not do that....
In that case, it really is better to install a new machine, and never bring back the old DC. It's really not that much trouble.
I'd still be backing up the DC images, just in case you lose both.. it'd be possible that the virtual backup might someday be your best or ONLY option for restore.
Now that I've written all that, I do find one article that says that there is one supported way (on Server 2008) to backup and restore a DC, and that is to use WIndows Backup on the virtual itself, which kind of negates the advantages you're talking about getting by the fact that it's a virtual. Here's the article:
http://technet.microsoft.com/en-us/library/virtual_active_directory_domain_controller_virtualization_hyperv(v=ws.10).aspx
There's a section in there specifically titled "Backup and Restore practices to avoid" which details NOT restoring VHDs for the reasons I stated above, but definitely check it out.. It's a better description!!
Good luck, and don't be afraid of the NTDSUTIL needed to force out a DC - It's not bad if you follow the instructions on Microsoft's site if you ever need to do it.. I've done it several times, but I wouldn't ever do it without the instructions handy, just to make sure I'm doing it properly...
In that case, it really is better to install a new machine, and never bring back the old DC. It's really not that much trouble.
I'd still be backing up the DC images, just in case you lose both.. it'd be possible that the virtual backup might someday be your best or ONLY option for restore.
Now that I've written all that, I do find one article that says that there is one supported way (on Server 2008) to backup and restore a DC, and that is to use WIndows Backup on the virtual itself, which kind of negates the advantages you're talking about getting by the fact that it's a virtual. Here's the article:
http://technet.microsoft.com/en-us/library/virtual_active_directory_domain_controller_virtualization_hyperv(v=ws.10).aspx
There's a section in there specifically titled "Backup and Restore practices to avoid" which details NOT restoring VHDs for the reasons I stated above, but definitely check it out.. It's a better description!!
Good luck, and don't be afraid of the NTDSUTIL needed to force out a DC - It's not bad if you follow the instructions on Microsoft's site if you ever need to do it.. I've done it several times, but I wouldn't ever do it without the instructions handy, just to make sure I'm doing it properly...
ASKER
I read that document a few times but I cant see where exactly it says how to restore from a full vhd backup created by Windows Backup itself. It just says avoid restoring from a VHD copy which is something I already do.
It does explain how to restore using windows backup 2008 but not how to do it when the domain controller is virtulised. The document gets very generic as you progress through it.
Can you make any sense of it?
It does explain how to restore using windows backup 2008 but not how to do it when the domain controller is virtulised. The document gets very generic as you progress through it.
Can you make any sense of it?
I think that's the whole key.. The only supported way to restore a domain controller would be if you were using the built-in Windows Server Backup sofrware, which would be ad database version aware. Because you're talking about restoring a VM, that would be an image backup, restoring to a point in time which has a version of the AD database which is no longer valid, and doing any AD restore in that way is not recommended or supported.
ASKER
I really cant believe how vague the document becomes!
Anyway thanks guys, points split best way I saw fit I guess :)
Anyway thanks guys, points split best way I saw fit I guess :)
ASKER
Yes, we do have 2 domain controllers one virtual and one physical but the question here is if the virtulised one goes down we have two backup copies 1. the host backup software backing up the guest and 2. the guest backing itself up using windows server backup 2008
(guest backing being active directory aware) and the host backup only takes a VSS backup and is not active directory aware.
My question is if the vhd gets corrupted or something happens, can I not just create a new VM on the fly and restore the VM from the guest Backup and not the host backup?
(no need for dcpromo, no need for cleaning the domain, no need for setting up DNS, just simply create a VM, put the dvd in, boot from CD and restore the domain controller)?
Is that not much faster? (let alone the question being, do I have to use DSRM after the restore)?