curious7
asked on
Can Domain controller being replicated to DR site at storage level result in USN rollback condition
We have windows 2008 Active directory environment.
Architect had planned the DCs as follows:-
2 DCs (i will call them DC1 and DC2) in prod site with one of them (DC2) having the certificate authority on it.
1 live DC (DC3) in DR site.
DR was planned as follows:-
Storage replication configured for prod DC with CA (DC2) on it and it will be powered on during the DR.
We need to do DR test.
We will cut off the prod site completely from network during DR test.
I think the issue with this setup is that once the DC2 is powered on at the DR site and replication happens between the DC2 and DC3 then once we shutdown DC2 replica in DR and bring up the DC2 back in prod site then USN rollback condition can occur.
Architect does not agree with that.
In my thinking there is no need for the DC3 in this scenario if we are going to bring up DC2 in DR scenario.
OR the CA role should be split onto a non Domain controller server.
Please let me know your thoughts.
Architect had planned the DCs as follows:-
2 DCs (i will call them DC1 and DC2) in prod site with one of them (DC2) having the certificate authority on it.
1 live DC (DC3) in DR site.
DR was planned as follows:-
Storage replication configured for prod DC with CA (DC2) on it and it will be powered on during the DR.
We need to do DR test.
We will cut off the prod site completely from network during DR test.
I think the issue with this setup is that once the DC2 is powered on at the DR site and replication happens between the DC2 and DC3 then once we shutdown DC2 replica in DR and bring up the DC2 back in prod site then USN rollback condition can occur.
Architect does not agree with that.
In my thinking there is no need for the DC3 in this scenario if we are going to bring up DC2 in DR scenario.
OR the CA role should be split onto a non Domain controller server.
Please let me know your thoughts.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I have recommended this question be closed as follows:
Split:
-- 'eridzone' (https:#a42965199)
-- 'Shaun Vermaak' (https:#a42966249)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer