Host-based backup of VMware vSphere VMs.
lobo519
Veteran
Posts: 315
Liked: 38 times
Joined: Sep 29, 2010 3:37 pm
Contact:

Re: Replicating a Domain Controller

Post by lobo519 »

Gostev wrote:Basically, you cannot pull a single DC from a multi-DC environment, and expect it to work in the isolated environment. Because what happens is it will fail to find replication partners (other DCs), and will stop the NETLOGON service.

Also, keep in mind that you must wait for the DC to automatically reboot (after it completes the VSS restore process) before attempting to logon.

One of these 2 points is likely the cause for your issue.

Please search the existing topics for more information and the detailed description of the DC restore.

So if I have two DC's and want to replicate them to a DR site, what is the correct way of doing this and turning them up in an DR event?

Can I just turn them both on? Or will on need to be put into authoritative restore mode?

If I lost just one domain controller - how should the replica be brought up?
veremin
Product Manager
Posts: 20270
Liked: 2252 times
Joined: Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin
Contact:

Re: Replicating a Domain Controller

Post by veremin »

If I lost just one domain controller - how should the replica be brought up?
In this case, you can just do normal failback/failover operation, thus, DC would be brought up in automated non-authoritative mode and would be synced up with the other DCs automatically.

In fact, this sort of questions has been already covered several times. So, please take a look at the existing topics:
Hope this helps.
Thanks.
lobo519
Veteran
Posts: 315
Liked: 38 times
Joined: Sep 29, 2010 3:37 pm
Contact:

Re: Replicating a Domain Controller

Post by lobo519 »

Thanks for the info.

I don't doubt this has been covered before, So why not create a KB instead of referring people to pages and pages and pages in multiple threads and then links to other threads?!?! It can be tough to get a clean answer.

Its been asked by myself and several others here.

http://forums.veeam.com/viewtopic.php?f ... 0&start=15
lobo519
Veteran
Posts: 315
Liked: 38 times
Joined: Sep 29, 2010 3:37 pm
Contact:

Re: Replicating a Domain Controller

Post by lobo519 »

v.Eremin wrote:
Something explaining what automation is included, what to expect during a restore, etc. What should be done/expected and differences when restoring via backup or replica. Something clear we can include in our DR procedures. You never know who might be trying to do the recovery.


I think the automation behind the restore somewhat clouds the produce of restore for some people in certain scenarios. I can understand that while the restoration of a DC somewhat falls outside of Veeam's responsibility, you have included automation of the process so I feel that you should provide documentation as to the scenarios you have prepared for and what may or may not need to be done when a restore is completed.
veremin
Product Manager
Posts: 20270
Liked: 2252 times
Joined: Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin
Contact:

Re: Replicating a Domain Controller

Post by veremin »

Ok, I’ve got your point.

Thanks again for your feedback.
bill s
Lurker
Posts: 1
Liked: never
Joined: Dec 09, 2015 1:32 am
Full Name: Bill
Contact:

Re: Replicating a Domain Controller

Post by bill s »

Has there been a KBB article or any official documentation detailing how restoration should work??!?
foggy
Veeam Software
Posts: 21069
Liked: 2115 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: Replicating a Domain Controller

Post by foggy »

Bill, could you please clarify what kind of restore are you referring to?
Majeedsk
Lurker
Posts: 1
Liked: never
Joined: Dec 14, 2016 3:59 pm
Full Name: Majeed Ahmed
Contact:

Re: Replicating a Domain Controller

Post by Majeedsk »

Thanks for all your support
There is 1 other way also to start the replicated domain controller.
1) Edit the Virtual machine and connect it to isolated network then go to boot options and force machine to bios setup and while booting press F8 and boot the machine in directory service repair mode.
2) After machine boot wait till the machine get stable and login with AD recovery account which is administrator and password and again wait around 5-10 min.
3) Restart the machine and let it go to normal mode.
4) After machine come in normal mode and if you get error "Active Directory: Naming Information cannot be located because the specified domain does not exist" then
5) Open regedit Browse to HKLM\SYSTEM\CurrentControlSet\Services\Ntfrs\Parameters\Backup/Restore\Process at Startup
Set the BurFlags value to D4 (Hex) / 212 (Dec)
Restart the "File Replication" service
6) ntdsutil
ntdsutil: roles
fsmo maintenance: connections
server connections: connect to server <servername>
serverconnections: q
fsmo maintenance: seize infrastructure master
fsmo maintenance: seize naming master
fsmo maintenance: seize pdc
fsmo maintenance: seize rid master
fsmo maintenance: seize schema master
fsmo maintenance: q
ntdsutil: q

Thanks
Majeed
foggy
Veeam Software
Posts: 21069
Liked: 2115 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: Replicating a Domain Controller

Post by foggy »

noworriesm8
Lurker
Posts: 2
Liked: never
Joined: Jun 21, 2017 4:58 pm
Full Name: JR
Contact:

[MERGED] Question on replicating a Windows DC and failover

Post by noworriesm8 »

I am loving My Veeam Backup and replication.
I have migrated most of my Virtual machines to new hosts with little to know downtime using replication and failover.

I have yet to attempt the domain controller. It is windows server 2008 R2.
Do I need to do anything different? My plan was to replicate the DC/fileserver to a new host. Turn off the DC/fileserver on the old host. Run replication one final time for the incremental data that may have been missed. Failover to the new DC/fileserver on the new host. wait a day and click permanent failover, then remove the old host.

are there any caveats since this is a DC being moved? I would do Cold Quick migration, but I am trying to minimize downtime.

Thank you in advance.
DGrinev
Veteran
Posts: 1943
Liked: 247 times
Joined: Dec 01, 2016 3:49 pm
Full Name: Dmitry Grinev
Location: St.Petersburg
Contact:

Re: Question on replicating a Windows DC and failover

Post by DGrinev »

Hi,

You don't have to do failover and initiate incremental replication manually as it can be done by planned failover.
Please review this discussion as it contains useful experience of replicating DCs. Thanks!
noworriesm8
Lurker
Posts: 2
Liked: never
Joined: Jun 21, 2017 4:58 pm
Full Name: JR
Contact:

Re: Replicating a Domain Controller

Post by noworriesm8 »

I understand that. What I mean is when I failover after replication with the domain controller, do I need to do anything special? like boot the replica in ds restore mode? or just power off Old Domain controller and click failover?

PLanned failover is nice but I need to supervise the failover.
Vitaliy S.
VP, Product Management
Posts: 27055
Liked: 2710 times
Joined: Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov
Contact:

Re: Replicating a Domain Controller

Post by Vitaliy S. »

No special things are required (given that this is a single DC VM). Please take a look at the topic above "Active Directory and DR Site" for more info.

Also here is a good read as well > How to recover a Domain Controller: Best practices for AD protection (Part 2)

Thanks!
mblackmore
Influencer
Posts: 11
Liked: never
Joined: Jun 22, 2010 3:04 am
Full Name: Michael
Contact:

[MERGED] Replicating only our Primary domain controller

Post by mblackmore »

H

We utilise veeam to replace ~ 100 VMs to an offsite server, that from a LAN perspective cannot see our production network at all.

We have two server 2016 domain controller, one as a VM in which we replicate, one is physical which we do not

from time we do a failover to do a "dr test" and have found each time the DC has issues, which we would expect (not finding the secondary) all other servers come up OK also

Is there a better way to manage this as we are not having luck replicating just the primary DC.
foggy
Veeam Software
Posts: 21069
Liked: 2115 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: Replicating a Domain Controller

Post by foggy »

Hi Michael, please review this thread and specifically the KB article mentioned above. Thanks.
frigomiam
Enthusiast
Posts: 45
Liked: 4 times
Joined: Nov 25, 2014 3:47 pm
Full Name: frigo miam
Contact:

[MERGED] Replicated DC not working

Post by frigomiam »

Hi,

I use to have Running DC on my disastery recovery site.
When we test the site, we use to seize all roles on the running DC, and that works fine.

I know windows2012 is snapshot aware now, so I wonder if I can just replicate my DC also, then just be able to power it on after a failure of our prod site.
Doing so, would allow me to failover much quicker, I don't have the seize all the roles...

So I tested that, I powered on the replicated DC in an internal network.
But the issue is that AD doesn't start. And the network connection shows "unidentified network" instead of my domain.
I set "Repl Perform Initial Synchronizations" to 0 in registry, and restarted, but that still didn't work.

So is there a veeam recommendation how to replicate a DC, and power it on ? ( and I still have my prod DC running )


we use
veeam Replication&backup 9.5
vcenter 6.5
ESXi 5.5

many thanks
frigomiam
Enthusiast
Posts: 45
Liked: 4 times
Joined: Nov 25, 2014 3:47 pm
Full Name: frigo miam
Contact:

Re: Replicated DC not working

Post by frigomiam »

we use windows 2012 R2
foggy
Veeam Software
Posts: 21069
Liked: 2115 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: Replicating a Domain Controller

Post by foggy »

Hi Francois, does the replication job have application-aware image processing enabled? Also, please review this thread for more information.
gareth.armstrong
Lurker
Posts: 2
Liked: never
Joined: Nov 14, 2018 9:08 am
Full Name: Gareth Armstrong
Contact:

[MERGED] Planned failover of DC

Post by gareth.armstrong »

Hi guys,

I've got a a customer who is doing power maintenance on their DR site and wants us to ensure the domain controller (DC02) that is hosted at the DR site isn't powered down. DC02 is replicated over to the production site, so we have a replica of DC02 on the Production side. What process should I take to get the DC02 failed over to the production site with the least disruption? My understanding would be
  • Run a replication from DC02 to the DC02_replica
    Run a planned failover for DC02
    Run an active directory sync from DC01 to DC02
    When the power is restored, run a failback to the original DC02 on the DR site
    Run another active directory sync from DC01
Am I going to need to do any other steps or am I missing anmything here?

Thanks for any help,
Gareth
DGrinev
Veteran
Posts: 1943
Liked: 247 times
Joined: Dec 01, 2016 3:49 pm
Full Name: Dmitry Grinev
Location: St.Petersburg
Contact:

Re: Planned failover of DC

Post by DGrinev » 1 person likes this post

Hey Gareth and welcome to the community!

All you need to know about DCs restore\failover contained in this thread. There are helpful links on page 3, also there is KB here that describes most of the nuances.
Please review it and don't hesitate to ask additional questions. Thanks!
Post Reply

Who is online

Users browsing this forum: Google Feedfetcher and 85 guests