Replicating domain controllers

[evolmar]

Hi all,

We have a 3 node Hyper-V cluster running Windows Server 2012 using Dell Equallogic for storage. We set up a brand new Hyper-V cluster running Windows Server 2012 R2 with Tintri alongside the old cluster. We've used Veeam to replicate the VMs over to the new cluster and everything has been running great so far. The product never fails to amaze me. I've done everything except the domain controllers.

My question is, is it safe to replicate these or should I build new domain controllers? I've never done that before but am willing to give it a go if that is the safer route.

Thanks in advance!

[foggy]

Just make sure you enable app-aware image processing.

[Mike Resseler]

Yes, Foggy is correct.

Another method would be to build a running new DC on that cluster which would mean you have an additional DC that can do authentication and so on. Especially if you only have one DC that certainly should be an option to think about. Then you still have the possibility to backup and/or replicate one or more DC's. That would give you a nice layered defense.

If one DC goes down, there is still another one running that can do authentication/ GPO/ DNS (if that is on the same machine) and maybe even DHCP.

In worst case scenario, you can still recover from the replica or the backup

My 2 cents
Mike