1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disaster Recovery AD question

Discussion in 'Software' started by LukeP, Jun 23, 2010.

  1. LukeP

    LukeP Gigabyte Poster

    1,194
    41
    90
    Hi

    I've been planning and testing DR scenario for some time now and today I tried to restore it to an isolated test environment.

    I've got both DC's backing up using BMR in DPM 2010. I restored the FSMO holder and I was getting tons of replication errors and domain was down. This is due to DC trying to validate itself as the only role holder which fails as other DC's are offline.
    I've managed to find 2 solutions to this.
    I can restore second DC from BMR or delete replication links using repadmin /delete (cant delete domain controller metadata from AD as it's down - AD Users and Computers console won't start up).

    Which way do you think is better?
     
    WIP: Uhmm... not sure
  2. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,189
    296
    319
    I take it the DC you have restored has all the FSMO roles?
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  3. LukeP

    LukeP Gigabyte Poster

    1,194
    41
    90
    Yeah.

    Basically I've tried both ways and both work fine.
    Difference is that BMR of second requires additional hardware (or VM) in new location and takes bit longer. Both not a big deal really.
    On the other hand repadmin job doesn't seem tidy and might be a problem for someone in case DR plan has to be carried out.

    I'm leaning towards second DC as it seems much mory tidy and second DC would need to be brought up at the new location too at some point. DC backups are done at the same time so AD synch should be close to perfect (or within replication margin).
     
    WIP: Uhmm... not sure
  4. LukeP

    LukeP Gigabyte Poster

    1,194
    41
    90
    Ok got it.

    The problem is that when you restore just the system state using wbadmin.exe you can specify switch -authsysvol which makes the restore authoritative, while there's no such option for BMR so I ended up restoring BMR and then System State (from the same BMR backup) with -authsysvol switch and everything works.

    What I don't like is that you can't use BMR for AD disaster recovery. You might as well install clean OS and restore System State. Not 100% sure which one is quicker.
     
    Last edited: Jun 24, 2010
    WIP: Uhmm... not sure

Share This Page

Loading...