Martin Andel
asked on
Restoring virtual EBS 2008 Domain Controller from Veeam backup
Hi everyone,
We are running a virtual (VMware) EBS 2008 domain that gets backed up by the Veeam B&R daily. Everything is running reasonably well, but we have never tested restoring it from the backup, because we do not currently have any spare gear to do it.
I am trying to find out (if anyone's tried it already?) if everything works well after the servers are restored. The reason why I ask, is that I spoke to a consultant, which told me that the Active Directory databases of DC's dated prior to Server 2013 tend to break when restored from a backup. Reason being is that Veeam apparently creates a snapshot of the live VM and uses it as as a source of the backup. This is supposed to be a problem because restoring from snapshots has negative effects on AD and it had only been fully optimized in Server 2013.
Can anybody please confirm whether that could be a real issue? And if yes, are there any ways around it?
Thanks,
Martin
We are running a virtual (VMware) EBS 2008 domain that gets backed up by the Veeam B&R daily. Everything is running reasonably well, but we have never tested restoring it from the backup, because we do not currently have any spare gear to do it.
I am trying to find out (if anyone's tried it already?) if everything works well after the servers are restored. The reason why I ask, is that I spoke to a consultant, which told me that the Active Directory databases of DC's dated prior to Server 2013 tend to break when restored from a backup. Reason being is that Veeam apparently creates a snapshot of the live VM and uses it as as a source of the backup. This is supposed to be a problem because restoring from snapshots has negative effects on AD and it had only been fully optimized in Server 2013.
Can anybody please confirm whether that could be a real issue? And if yes, are there any ways around it?
Thanks,
Martin
ASKER
Okay, so if I have two DC's in the domain and one breaks, the best thing to do is to turn them both off asap and restore together at the same time?
If one breaks, create a new one!
ASKER
So no point restoring? One of the two DC's we have has Exchange on it. Does that mean that if it breaks we're done for?
Or would we have to restore that one and delete the other one?
Or would we have to restore that one and delete the other one?
Well that's a whole can of worms, and that's why it's not recommended in install any other role on a DC!
It means, it's complicated, and you would need to restore, and deal with the replication issues.
It means, it's complicated, and you would need to restore, and deal with the replication issues.
ASKER
Well the EBS 2008 package consists of two DCs, one of which also hosts the Exchange 2007. There was no choice in that matter. It is all very integrated.
How difficult does it then get when there are issues with the AD replication after the restore? Is it fixable?
How difficult does it then get when there are issues with the AD replication after the restore? Is it fixable?
Okay, so this is integrated SBS ?
ASKER
Yes and no. This is a similar product to SBS that Microsoft introduced in 2008. It is called Essential Business Server 2008 (http://en.m.wikipedia.org/wiki/Windows_Essential_Business_Server_2008) and it comprises of two DC/DNS servers, one of which hosts an instance of Exchange 2007. There is also a forefront/security server that is supposed to act as a primary firewall. Our setup is that we have the first two as VM's and the forefront is a physical machine that is kept turned off because we wanted to keep our firewall and generally it proved to be a nuisance.
Yes, okay Essentials!
In this case, you would have to Restore your "DC and Exchange Server", and deal with the replication issue.
The best method would be to practice this, by using SureLab in Veeam to test!
So the easiest thing would be to restore both servers today.
Keep them running as VMs on a Private Network. (also backup these!).
and then kill a server, and restore from backup.
Check if it's worked or not.
In this case, you would have to Restore your "DC and Exchange Server", and deal with the replication issue.
The best method would be to practice this, by using SureLab in Veeam to test!
So the easiest thing would be to restore both servers today.
Keep them running as VMs on a Private Network. (also backup these!).
and then kill a server, and restore from backup.
Check if it's worked or not.
ASKER
Thanks for the tip. Problem is though that we only have the Veeam Backup & Recovery Essentials, which does not have the lab included. Because of that, this will unfortunately have to remain a theoretical exercise. I am simply trying to come up with a plan in case we ever needed to do the restore.
You have the technology, to do this in practice.
Restore you VMs to a private network and test!
It's always worth testing these practices before they happen!
Restore you VMs to a private network and test!
It's always worth testing these practices before they happen!
ASKER
Ok, when I get to free up some resources needed for that kind of experiment, I'll run it. But in the meantime, can you please help me to summarize a theoretical solution?
Having two DC's, one of which has Exchange running on it, I can see two scenarios:
1) If the messaging server breaks down, we shut both of them down and move them safely away. Restore the messaging server from the backup, start it and then create a new one instead of the other DC.
2) If the second DC breaks down, we turn it of and delete it. Then create a new DC to take over.
Does that sound OK?
Having two DC's, one of which has Exchange running on it, I can see two scenarios:
1) If the messaging server breaks down, we shut both of them down and move them safely away. Restore the messaging server from the backup, start it and then create a new one instead of the other DC.
2) If the second DC breaks down, we turn it of and delete it. Then create a new DC to take over.
Does that sound OK?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
and it's best, to force remove the DC, and create a new DC with a different name!
OR....restore ALL DCs at the same time!
Replication is the issue.
This can be tested, by creating a test environment, which you can do with Veeam, in SureLab.
Restore all your DCs, then delete one, and then add one back, you will see replication breaks to that DC!