Comprehensive data protection for all workloads
Post Reply
hasayeretFMG
Enthusiast
Posts: 37
Liked: 2 times
Joined: Jun 16, 2017 1:18 pm
Full Name: Rotem Ben
Contact:

Best way to replicate a primary Domain Controller?

Post by hasayeretFMG »

Hi guys,

We are planning on moving our main DC between 2 hosts and we believe that the best way to do that would be to replicate and then to do a planned failover through Veeam.
Any recommendation on what would be the best way to do it without completely breaking my network?
We're using the latest Veeam and our DC is 2008r2 Standard

Thanks!!!
Gostev
Chief Product Officer
Posts: 31814
Liked: 7302 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by Gostev »

Hi, I don't believe there any special considerations because you intend to use a Planned Failover functionality. Since this process shuts down the VM before transferring the last delta, overall the whole process will be no different from power cycling the VM (except it will power up on another host). Thanks and please let us know how it went!
csinetops
Expert
Posts: 113
Liked: 16 times
Joined: Jun 06, 2014 2:45 pm
Full Name: csinetops
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by csinetops »

Veeam works great for this. When we moved data centers a few years back, I used planned fail over to move around 100VM's ( DC's included) to our new location over the period of a month. As long as you have more than one DC you'll be fine while it's off line for the 10 minutes or so that it takes to do the planned failover.
hasayeretFMG
Enthusiast
Posts: 37
Liked: 2 times
Joined: Jun 16, 2017 1:18 pm
Full Name: Rotem Ben
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by hasayeretFMG »

Gostev wrote:Hi, I don't believe there any special considerations because you intend to use a Planned Failover functionality. Since this process shuts down the VM before transferring the last delta, overall the whole process will be no different from power cycling the VM (except it will power up on another host). Thanks and please let us know how it went!
So just planned failover with another DC online will do the trick, is that the case?
hasayeretFMG
Enthusiast
Posts: 37
Liked: 2 times
Joined: Jun 16, 2017 1:18 pm
Full Name: Rotem Ben
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by hasayeretFMG »

csinetops wrote:Veeam works great for this. When we moved data centers a few years back, I used planned fail over to move around 100VM's ( DC's included) to our new location over the period of a month. As long as you have more than one DC you'll be fine while it's off line for the 10 minutes or so that it takes to do the planned failover.
Thanks so much! What about VMs that are running SQL database? Did the planned failover take care of these as well?
foggy
Veeam Software
Posts: 21139
Liked: 2141 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by foggy »

hasayeretFMG wrote:So just planned failover with another DC online will do the trick, is that the case?
Yes.
hasayeretFMG wrote:Thanks so much! What about VMs that are running SQL database? Did the planned failover take care of these as well?
Yes, just make sure application-aware processing is enabled in all cases.
hasayeretFMG
Enthusiast
Posts: 37
Liked: 2 times
Joined: Jun 16, 2017 1:18 pm
Full Name: Rotem Ben
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by hasayeretFMG »

Sounds good. Is the application-aware processing impacting my current machine? (not the replica, the source!)

Thanks!
foggy
Veeam Software
Posts: 21139
Liked: 2141 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by foggy »

You shouldn't notice the impact, but the VM will be properly quiesced prior the backup to allow for further seamless failover.
hasayeretFMG
Enthusiast
Posts: 37
Liked: 2 times
Joined: Jun 16, 2017 1:18 pm
Full Name: Rotem Ben
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by hasayeretFMG »

Thank you!
One more question for you if you don't mind: Is there any issue restoring a 2008r2 domain controller using Veeam? I am participating in another thread and one of the users there says that it might not work and I better upgrade to 2012. Doesn't really make sense to me since I couldn't find anywhere that Veeam says that but I figured I'd ask you.

Thoughts?
foggy
Veeam Software
Posts: 21139
Liked: 2141 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by foggy » 1 person likes this post

I've replied in that thread as well, basically, with AAIP enabled, there shouldn't be any issues with W2008R2 DC's either.
hasayeretFMG
Enthusiast
Posts: 37
Liked: 2 times
Joined: Jun 16, 2017 1:18 pm
Full Name: Rotem Ben
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by hasayeretFMG »

Thanks so much! will give it a shot!
mwvme
Expert
Posts: 163
Liked: 33 times
Joined: Dec 05, 2015 10:19 pm
Full Name: Michael White
Location: Calgary, Alberta Canada
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by mwvme »

While I do agree with the others above that replicating the VM should work, it is a best practice for many professional services people, such as myself, to suggest not replicating domain controllers and instead, deploy a new domain controller. I have done many migrations in the past for customers and I always deployed new DC's and even Microsoft - who worked with me on some of these projects - agreed with me. I know that this is very conservative and careful, but that is what PSO people are like.

Michael
Michael White
Field Product Manager
https://notesfrommwhite.net
@mwVme
Andbac
Lurker
Posts: 1
Liked: never
Joined: Jun 24, 2014 8:20 am
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by Andbac »

I agree with mwvme, install additional DC(s) instead, if possible. Besides getting better control during the migration, you really should install the new DC(s) using Windows Server 2012 R2 or possible 2016 as the OS.
TGacs
Enthusiast
Posts: 37
Liked: 8 times
Joined: Sep 27, 2016 6:59 pm
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by TGacs »

mwvme wrote:While I do agree with the others above that replicating the VM should work, it is a best practice for many professional services people, such as myself, to suggest not replicating domain controllers and instead, deploy a new domain controller. I have done many migrations in the past for customers and I always deployed new DC's and even Microsoft - who worked with me on some of these projects - agreed with me. I know that this is very conservative and careful, but that is what PSO people are like.

Michael
I agree with mwvme and Andbac. In broad strokes:
1) Add a new DC VM on the new host (preferably with 2016 OS)
2) Verify DC & DNS replication.
3) Migrate FSMO roles to the new DC.
4) Power down the old DC.
5) After some time (say, 2-4 wks) of no issues, you can DCPROMO the old DC to remove it as a DC, and then remove it from the domain. Delete the old VM at your leisure.

I used this method to upgrade 6 domain controllers (3 domains, 2 per domain) from 2008R2 to 2016 OS.
BlueComp
Influencer
Posts: 17
Liked: 5 times
Joined: Jan 28, 2015 12:20 pm
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by BlueComp » 2 people like this post

mwvme wrote:While I do agree with the others above that replicating the VM should work, it is a best practice for many professional services people, such as myself, to suggest not replicating domain controllers and instead, deploy a new domain controller. I have done many migrations in the past for customers and I always deployed new DC's and even Microsoft - who worked with me on some of these projects - agreed with me. I know that this is very conservative and careful, but that is what PSO people are like.

Michael
If you need to move a physical server to a different room do you also throw it away and buy / build a new one? Bit of an outdated school of thought isn't it?
skrause
Veteran
Posts: 487
Liked: 106 times
Joined: Dec 08, 2014 2:58 pm
Full Name: Steve Krause
Contact:

Re: Best way to replicate a primary Domain Controller?

Post by skrause » 1 person likes this post

For something that is both as critical as AD and has the robust built-in replication/HA capabilities that AD has, for me the answer would be yes. In your hypothetical physical example the cost of a server to run AD on would be far less than the cost of downtime if there was an issue with just shutting it off and moving it.
Steve Krause
Veeam Certified Architect
Post Reply

Who is online

Users browsing this forum: Google [Bot], Semrush [Bot] and 75 guests