Active Directory DR Failover help

I am working on performing DR exercise for Active Directory server. We have multiple sites globally, but I am working on performing the fail over exercise for specific site due to data center move.

I have 2 AD servers in IND SITE, One server ADDC1 in data center and another ADDC2 server in DR. Both the servers are in different location but its in same AD SITE GROUP and IP address is different.

My plan is to shutdown the data center ADDC1 server, after few min AD requests automatically redirect the AD requests to DR ADDC2 server.

- Need help to perform the DR exercise in better way.
- How can I validate that fail over is happened after shutdown the server ADDC1
- Is there any logs where I can get the details or any commands.

FYI - We manage DNS\DHCP using third party tools, AD servers handling only AD related task.
LVL 26
Sekar ChinnakannuStaff EngineerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

The security event log on each DC records the requests it receives.

What DNS a setup is on the site where the DCs are not present.

Your Failover will be two fold if your DCs are the only DNS servers and presumably, both DCs are vonfigured as GCs.

Each system initially uses DNS a to locate a DC, the DNS timeout will need to be reached before the request is sent to the DNS a server at the DR location.
The traffic and available bandwidth will dictate how much delay you might experience.

Often, DR planing that reduce overhead use TS/Remote desktop servers at the DR that the local users will be connecting to.

Enabling auditing workstation/systems to include login/logout events will record those events in the local security log which also reflects which system authenticated the user.

One option you can use. Ip routing on a local system to make ADDC1 inaccessible
This way only this system is impacted. Then logout/login and ..........
Leon FesterSenior Solutions ArchitectCommented:
My plan is to shutdown the data center ADDC1 server, after few min AD requests automatically redirect the AD requests to DR ADDC2 server
.  -  This is the correct way to simulate a disaster. The most important part of DR exercises is the planning for the DR event and most especially your rollback plan for restoring services when you're done with your exercise.

Remember; everything you do to simulate DR needs to be undone in the same order.
This could include: isolating network traffic/switching off multiple systems/restoring AD integrated applications.
In some instances the best recovery of your DR site DC is to rebuild it after the DR exercise.
Note: I didn't say restore, as I prefer to rebuild a DC if these is already an existing DC. Restores can give more headaches than rebuilds. However, if you are the kind of Engineer who wants to be able to troubleshoot lost DC's then go for it and restore a DC. You'll learn about all the AD Tools and authoritative and non-authoritative restores.

- Need help to perform the DR exercise in better way.
What you've achieved thus far is the DR simulation. i.e. I lost my main site!
While authentication requests can be serviced by the next available DC you still need to do the recovery of Server Roles to the new DC or your AD will be running in 'limp mode'.

It also depends how far you're going with your DR scenario.
In a full DR scenario you would seize roles on the new DC and delete the 'dead' DC from AD.
Also consider how you're going to restore the site after your DR exercise; if you have seized the roles and bring the other server back online again you'd have to re-seize the roles.

 - How can I validate that fail over is happened after shutdown the server ADDC1
The easiest way to check this from the workstation is to check the environment variable named "logonserver".
Use 'set' in a command prompt and check the value. It reports the name of the DC that authenticated the user session.

You can also check the security logs of your DR DC for authentication requests.

 - Is there any logs where I can get the details or any commands.
See above
Sekar ChinnakannuStaff EngineerAuthor Commented:
@ Leon, We are going to perform only AD DR exercise no other devices going to involve.When I am done with the DR exercise I am planning to power on the ADDC1 to restore the connection.  Why you mentioning to rebuild the server in DR site? we are going to keep the same for long term for fail over.
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

Leon FesterSenior Solutions ArchitectCommented:
If that is all you're doing then the power-off/power-on scenario will work.
The rebuild of server at DR is only required if you're doing the role transfer and testing for an extended period.

In my Company we do annual DR testing in a few scenario's:
1. Full DR simulation with HO failing over to DR including full server recovery and remote sites logins to DR.
In this case we typically rebuild the DR server after the exercise.
2. Simulated DR: were our HO in another Country fails to their DR site and then connects to HO Prod servers.
In this case we simulate all the tasks so that we can roll-back the forced changes through manual tasks.

Quick question: Do you currently have more than 1 DC at your IND SITE?
If yes, then you've probably perform this failover exercise every time you do patching or server restarts as you'd be powering down one of the DC's during each operation.

NB. It is recommended that you have at a least 2x DC's per site.
Sekar ChinnakannuStaff EngineerAuthor Commented:
We have only one DC in data center and one in dr data center and both are in IND AD site for failover. Also we have few other AD sites which is near to IND site they are all in different AD sites.
Leon FesterSenior Solutions ArchitectCommented:
In that configuration then you be simulating this failover process each time you patch your DC in the data center.

But yeah, do the exercise as you've suggested with the power down of the main DC and the restore it later.

Have a read through the following links to get a better understanding of how a Domain Controller is found (DC locator process) and how DNS affects AD.

It will be helpful in increasing your understanding of the impact of the main DC going down and how windows manages to find another DC. So when somebody asks you if you're sure you can point them to the Microsoft answer. :)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.