| Author | Messages | |
gabriel/tfi
Posts:59
 | | 05/08/2008 2:35 AM |
| I am reading the MS paper for AD DR that indicates to dismiss all DCs, start recovering a DC in the forest root domain then a DC in each child domain, finally rebuild (DC promo) the rest of all other DCs.
http://www.microsoft.com/downloads/details.aspx?familyid=afe436fa-8e8a-443a-9027-c522dee35d85&displaylang=en
We are running a HUB'n'SPOKE topology with multiple HUB sites (US, EMEA & APAC), so I identified US HUB site as the "primary" hub site to recover the AD forest, then rebuild (DC Promo) DCs in EMEA and APAC, finally rebuild (DC Promo) DCs at SPOKE sites.
Our DCs are hosted in VMWare and I know it is not possible in a normal working condition to recover a single DC with image-level restore because of AD distributed database (http://support.microsoft.com/kb/875495), but I was wondering if it is possible to use a VM image-level restore for DR purpose ONLY.
Ideally I think it is possible as I would recover a single "master" DC to start over and this DC would not introduce any USN disalignment, of course the GC role needs to be reassigned.
In a single forest/single domain I would be nearly 100% sure it would work, but I have some doubts with single forest/multiple domain scenario.
What's your idea?
Thanks in advance - Gabriele.
| | | |
| Marty1_0
Posts:26
 | | 05/08/2008 2:40 AM |
| Snapshots of your VMs? If it includes the disks with your AD stuff etc. on it, I think it works.
- Bart
| | | |
| matheesha
Posts:10
 | | 05/08/2008 7:47 AM |
| I don't think you can prevent USN rollback for partitions that are replicated forestwide such as the Config partition.
| | | |
| amulnick
Posts:79
 | | 05/08/2008 10:59 AM |
| Likely not. You're not very likely to get a consistent answer on this either, which should be taken as a warning sign if you decide to pursue virtualized DCs as a DR option.
My take is that I'm not sure that virtualization offers you much when all is said and done. Unless the dit is so large that spooling it back from tape takes days, I'm of the mindset that you should opt for the safety mechanisms that you get in the backup/restore cycle. You have enough to worry about in a DR situation that adding the doubts and checks that would otherwise come with the restoration of service on top of the flattening of the forest would be a risk I would not want to take.
Note that virtualized DCs can offer you an advantage in terms of restoring to non-like hardware. System state restores can be burdensome if you have to worry about staging like hardware over years of service. This can work if you are able to follow the guidance for putting DCs in virtualized environments and can reduce your RTS. You can also move to a non-virtualized environment when the service settles to regain performance and parity with what you designed.
If time is that critical to you, you may want to look at what third party vendors can add to the solution for you.
Al
| | | |
| neilruston
Posts:59
 | | 05/08/2008 11:04 AM |
| I've deployed virtual and physical DCs, all managed within one recovery framework - http://www.quest.com/recovery-manager-for-active-directory-forest-edition/
*Note* I'm not suggesting Quest make special provisions for the virtual DCs.
I'm sure there are other similar products on the market place - this is the only such toolset I have used.
neil
| | | |
| gabriel/tfi
Posts:59
 | | 05/08/2008 5:07 PM |
| That was exactly one of my concerns. What about shutting down one DC per domain simultaneously and then taking a full snapshot of them all?
Thanks - Gabriele.
| | | |
| gabriel/tfi
Posts:59
 | | 05/08/2008 5:37 PM |
| Al, thanks for your reply.
I see your point and have to agree with you!
Unfortunately implementing a 3rd party solution, even a simple remote backup agent, would require a nice amount of time while I need to implement something very soon.
So I was looking around for a quick-win to leverage the tools I have already in place on the VMWare system.
I was hopelessly wondering if a “magic” procedure existed to recover DCs from a VM image file just for DR purpose….
As a temp solution I will opt for a good’n’old scripted ntbackup.
Regards,
(sad) Gabriele.
| | | |
| GuidoG
Posts:9
 | | 05/18/2008 1:38 PM |
| As Al said: you’re likely not going to get a consistent answer on this, which in itself should be taken as a warning.
In any case, forest level AD DR in a production environment is something so special that you don’t want to exercise without the right level of support – you should certainly not even attempt a forest recovery without having checked out all your other options to get you back to a working state with help from MS PSS etc. It’s worth the money as a forest-level recovery will usually cost you even more in downtime and post-recovery hassles.
So while image-level VM backups are actually quite attractive to speed up forest level recovery, your problem in a production environment is really about timing and support…
Timing: the snapshots/backups of all DCs around the globe would need to be taken at exactly the same time.
Support: well, you know about the challenges between MSFT and supporting their OS on VMware – and clearly Microsoft’s general warning about image level backups due to USN rollback as pointed out in your initial mail. Now that last warning could be ignored, if all DCs were backed up at image level at exactly the same time, as this would alleviate the USN rollback issue.
So is this doable in a test-lab?
Of course – here it’s not a problem – if you have all VMs running in a closely monitored and managed environment, you can snapshot all DCs at the same time and then it’s also not a problem to roll all of them back to a previous state (i.e. thus doing forest-level AD DR). Perfect for testing schema updates and rolling back to the previous state of the forest. And likely you also care less about supportability in your test-lab.
Is this something you’d want to do in production for the whole forest?
Likely not – as in a largely distributed environment like the one you describe, you could hardly guarantee taking the snapshots of all DCs at the same time. That’s where the culprit is.
And if you could only do it for a few machines, like one DC for each domain as suggested in the thread, what would you gain? Not much, other than a few minutes of extra time that you’d otherwise need to perform a system-state restore for those “recovery DCs” (all others would need to be re-promoted anyways). So the benefit would be minimal compared to the efforts you’d likely put in up front to decide that you’d actually perform a forest level restore in your production environment.
That said, I believe this picture will change quite a bit once companies have begun to deploy Windows Server 2008 and have successfully centralized ALL their writeable DCs (RWDC) to a few hub-datacenters, while all other DCs outside the hubs are read-only DCs (RODC). Combine this with running all your DCs as a VM on Hyper-V, which is fully supported by MSFT. And very important: the RODCs don’t have the USN rollback issue => since NO objects are ever created on these boxes and they NEVER replicate any data out to other DCs, Microsoft was even considering supporting image level backups of RODCs. I have to check back with the AD team to see what came out of this discussion and if it’s now officially supported by them. In any case it would not be a risk to your AD forest to perform an image level backup of RODCs.
So now you only have those RWDCs in your hub-datacenters left to worry about… Well, now the number of snapshots / image level backups to take _at the same time_ to ensure forest-wide consistency of your writeable AD DCs is suddenly much lower! Let’s say you now have only 10 DCs in 3 sites to worry about, instead of 100 in 90 sites or so… I would think we are now slowly entering the situation that image level backup _for forest-level AD DR purposes_ becomes doable even in production… Clearly I am not saying that this would be supported by Microsoft – as such it might be a moot point to argue – but we are at least getting to a point that we could consider doable.
In any case, reducing the number of RWDCs to a minimum with WS2008 will positively impact your forest level AD DR scenarios – even if you can’t use image level restores for those 10 RWDCs… - maybe you could still combine it with image level restores for your 90 RODCs…
/Guido
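As an added illustration of the replication-metadata argument behind Matheesha's point about the forest-wide Config partition and Guido's "Timing" point above (a constructed model written for this thread, not Microsoft's code and not anything a list member posted), the toy below gives each DC an invocationID, a USN counter and an up-to-dateness vector, then replays a single-DC image roll-back, a supported system-state restore, and the one-image-per-domain forest recovery with and without simultaneous snapshots:

```python
"""Toy model of the AD replication metadata behind this thread:
invocationID, USN counter and up-to-dateness vector. Constructed
example, not a Microsoft tool and not code from anyone on the list."""
import copy
import itertools

_next_id = itertools.count(1)


class DC:
    def __init__(self, name, partitions):
        self.name = name
        self.invocation_id = next(_next_id)  # identity of this DB instance
        self.usn = 0                          # highestCommittedUSN
        # partition -> [(origin_invocation_id, origin_usn, value), ...]
        self.store = {p: [] for p in partitions}
        self.utd = {}  # up-to-dateness vector: origin id -> highest USN seen

    def write(self, partition, value):
        """Originating write, stamped with our invocationID and next USN."""
        self.usn += 1
        self.store[partition].append((self.invocation_id, self.usn, value))

    def pull(self, src):
        """Inbound replication: accept only changes whose originating USN is
        above the watermark we hold for that originating invocationID.
        For our own current invocationID the watermark is our own USN."""
        for part in self.store:
            for inv, usn, value in src.store.get(part, []):
                seen = self.usn if inv == self.invocation_id else self.utd.get(inv, 0)
                if usn > seen:
                    self.store[part].append((inv, usn, value))
                    self.utd[inv] = usn

    def values(self, partition):
        return sorted(v for _, _, v in self.store[partition])


def snapshot(dc):
    return copy.deepcopy(dc)


def restore_image(dc, snap):
    """VM image roll-back: data, USN counter and invocationID all return to
    the snapshot, so partners still hold our old, higher watermark."""
    dc.usn = snap.usn
    dc.store = copy.deepcopy(snap.store)
    dc.utd = dict(snap.utd)


def restore_system_state(dc, snap):
    """Supported restore: same data, but the old invocationID is retired
    into our own vector and a fresh one is issued, so every write after the
    restore looks new to partners and their copies of our old writes flow
    back to us."""
    restore_image(dc, snap)
    dc.utd[dc.invocation_id] = dc.usn
    dc.invocation_id = next(_next_id)


def usn_rollback(dc, partner):
    """A partner remembers a higher USN for our invocationID than we now
    have: the inconsistency a live DC reports as USN rollback."""
    return partner.utd.get(dc.invocation_id, 0) > dc.usn


def two_dc_domain(restore):
    """One domain, two DCs. A is rolled back with `restore` while B keeps
    running. Returns (rollback flagged?, A's objects, B's objects) after
    one replication cycle in each direction."""
    a, b = DC("A", ["domain"]), DC("B", ["domain"])
    a.write("domain", "user1"); b.pull(a)
    snap = snapshot(a)
    a.write("domain", "user2"); b.pull(a)  # B now records A at USN 2
    restore(a, snap)                       # A is back at USN 1
    flagged = usn_rollback(a, b)
    a.write("domain", "user3")             # A re-issues USN 2
    b.pull(a); a.pull(b)
    return flagged, a.values("domain"), b.values("domain")


def forest_recovery(simultaneous):
    """Forest recovery from one image per domain. R (root) and C (child)
    both host the forest-wide Config partition; every other DC is assumed
    rebuilt, so only these two images matter. Images taken at different
    instants leave C with a Config watermark for R newer than R's state."""
    r = DC("R", ["root", "config"])
    c = DC("C", ["child", "config"])
    r.write("config", "site-US"); c.pull(r)
    snap_r = snapshot(r)
    if not simultaneous:
        r.write("config", "site-APAC"); c.pull(r)  # lands before C's image
    snap_c = snapshot(c)
    restore_image(r, snap_r); restore_image(c, snap_c)
    return usn_rollback(r, c)


if __name__ == "__main__":
    print("image restore, partner running   :", two_dc_domain(restore_image))
    print("system-state restore             :", two_dc_domain(restore_system_state))
    print("forest, images at different times:", forest_recovery(False))
    print("forest, images at same instant   :", forest_recovery(True))
```

In the image-restore case the two DCs diverge silently (B never receives "user3" because it already recorded A at USN 2), while the forest case shows why the shared Config partition only stays consistent when the per-domain images are taken at the same instant.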
| | | |
| amulnick
Posts:79
 | | 05/18/2008 1:50 PM |
| Now....if we could just get the other Microsoft product/consumers of AD to play along nicely with the RODC scenario, we'd be moving in the right direction
| | | |