+ Post New Thread
Results 1 to 5 of 5
*nix Thread, Virtualising your DCs... in Technical; I've just had a brainwave. At the current moment I have 2 servers running ESXi, both at opposite ends of ...
  1. #1

    Join Date
    Jun 2008
    Posts
    718
    Thank Post
    118
    Thanked 64 Times in 52 Posts
    Rep Power
    31

    Virtualising your DCs...

    I've just had a brainwave.

    At the current moment I have 2 servers running ESXi, both at opposite ends of the school.

    I already have one VM running AD, DNS, DHCP and all the FSMO roles.

    I have a non-ESXi server that's the BDC.

    My thinking is to set up a third DC as a VM and then demote the old BDC as the VM will be the new BDC.

    Now, I just need your opinions on the following.

    Let's say, for example, all your servers died and went to PC heaven. To set up a whole new network can be very lengthy. However, you're using ghetto script to backup your 2 VM DCs on a weekly night as full images.

    Would there be any problems just getting in new servers and whacking on what ever latest VM images you have of the DCs (most likely a week old image backup)?

    Another thing, must the PDC image backup be recent and latest than the BDC or does this not matter?

    If network/server failure did happen, the only thing I can see myself losing is any updates I've done from the last backup to the present, e.g. AD, DHCP, GPO modifications etc.

    Your thoughts, please.

  2. #2

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,084
    Thank Post
    853
    Thanked 2,679 Times in 2,272 Posts
    Blog Entries
    9
    Rep Power
    769
    You've got to be careful with virtual DCs and imaging but if you are it can make stuff really easy. The issue is that AD has timestamps and replication IDs in its database and imaging it then restoring it at a later date can cause havoc. You should be able to do it if you can shutdown both DCs at the same time then run the backup while both are down and with the same version of the AD database. In this case you could just boot those on a different VM host if the network did die.

    I would strongly recommend a system state backup of the DCs though as that way you can do an authorative restore to set things right if it all goes horribly wrong. I would also recommend splitting the fsmo roles between the DCs as if one goes south then you have less roles to seize.

  3. Thanks to SYNACK from:

    Chuckster (17th September 2010)

  4. #3


    Join Date
    Jul 2007
    Location
    Rural heck
    Posts
    2,662
    Thank Post
    120
    Thanked 434 Times in 353 Posts
    Rep Power
    126
    BDCs?????? Are you still using NT4?

    Baring in ming you've got servers in two location realisticaly what senario can you imagine where the school wouldn't be closed.

    If I had to recover from this situation I'd resore a single DC (idealy one running DNS) and then grab all the FMSO roles. If you've got templates it wouldn't take long to build some more DCs.

  5. Thanks to K.C.Leblanc from:

    Chuckster (17th September 2010)

  6. #4

    Dos_Box's Avatar
    Join Date
    Jun 2005
    Location
    Preston, Lancashire
    Posts
    9,855
    Thank Post
    583
    Thanked 2,162 Times in 987 Posts
    Blog Entries
    23
    Rep Power
    627
    The (unwritten) rules about DC's is that if one dies, or goes very wrong then teh safest thing to do is a demotion (if you can) and transfer of FSMO roles (or seize them on the remaining DC(s)) and reinstall from scratch. Never, ever mess around with AD. I've even seen it once where an inexperienced NM changed the BIOS date\time on one of his domain controllers so as to attempt to get round a software trial experation period. His network went bye-bye, and it's horrible seeing a grown man cry.

  7. Thanks to Dos_Box from:

    Chuckster (17th September 2010)

  8. #5

    Join Date
    Jun 2008
    Posts
    718
    Thank Post
    118
    Thanked 64 Times in 52 Posts
    Rep Power
    31
    I think what I will do is have two virtual DCs and have them not only back up as complete images on a weekly basis, but also a full daily backup of the OSDisk and System State. The DCs won't be doing anything other than to run AD, DNS and DHCP (2nd DC will have it deactivated)

    I just want to limit the impact of not having a fully functional network when the brown stuff hits the fan.

    I have purchased a brand new DL180 G6 purely as a testing server. Should something happen I can always use this as a backup.

SHARE:
+ Post New Thread

Similar Threads

  1. Virtualising RM
    By Sye in forum Educational Software
    Replies: 8
    Last Post: 22nd April 2010, 05:36 PM
  2. Firewall on DCs
    By Chuckster in forum Windows Server 2000/2003
    Replies: 3
    Last Post: 27th July 2009, 10:42 AM
  3. DNS setting on DCs
    By OverWorked in forum Windows
    Replies: 9
    Last Post: 23rd July 2008, 10:16 AM
  4. what is the ratio for DCs to PCs
    By timbo343 in forum Windows
    Replies: 6
    Last Post: 3rd January 2007, 05:16 PM
  5. replicationprob with old off 2k DCs
    By browolf in forum Windows
    Replies: 2
    Last Post: 18th October 2006, 11:06 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •