Domain controller restore from backup

The_Librarian

The_Librarian

Another MyBB
Super Moderator
Joined
Nov 20, 2015
Messages
41,546
Reaction score
21,125
Location
Dark room in Adventure. Grues abound.
So the one (primary) domain controller (in a VM) went titsup over this weekend what with the loadschitting and all that.

I have got a backup of the VM, but it was made 7 days prior.

Will I have any issues in just restoring this DC to a working state and proceed as usual? Or do I have to rebuild?

This DC had all the FSMO roles etc, and it was the first DC to be started up when creating the domain.
 
The_Librarian said:
So the one (primary) domain controller (in a VM) went titsup over this weekend what with the loadschitting and all that.

I have got a backup of the VM, but it was made 7 days prior.

Will I have any issues in just restoring this DC to a working state and proceed as usual? Or do I have to rebuild?

This DC had all the FSMO roles etc, and it was the first DC to be started up when creating the domain.
Click to expand...

You'll just be behind on changes made within the 7 days obviously.

You're only option is to spin it up but keep the backup. I might also recommend doing live replication. The perks of running VM's
 
The intresting part of this , is when you do the non authoritive restore of the primary dc , do you have to seize the fsmo roles first and transfer it to the secondary DC ? Or can you just restore the primary DC as is , and then let the primary dc replicate changes from the secondary dc , without messing around with fsmo roles ?
 
Last edited:
Love how all the experts are missing.

@The_Librarian so what did you do?

If it were me, promote another DC, seize the roles and create a new backup DC.

I still have nightmares from a 2008 DC. Some id10t went and used a VM snapshot when the main DC went bonkers.

Effect? Replication never made any sense.
 
Should actually test this before it happens in real life.

...**** it, life is too short to play with domain controllers in Azure. I got better things to do.
 
Hellhound105 said:
Safe mode authoritive restore? Or just loaded the 7day old back and life went on?
Click to expand...

doubt it.Most likely did a "default" non authoritive restore.

I did some research and the "official" best practice is as follows ....

if you have a working backup of the primary DC with the fsmo roles , and can restore it within a few days , then do that as your first option.

If you primary DC (has the fsmo roles) , and is going to be offline forever or for a lengthly period of time then seize the fsmo roles to the secondary dc.Format and wipe the primary DC and dont restore it back , else you will have 2 dcs with the fsmo roles , and then everything will break.
 
last year i had my entire site went down with all my dcs go offline ...

My disaster recovery plan was as follows ...

1) Restore the primary dc as a non authoritive restore (Veeam does this by default and cant change it)
2) Once restored , had to go into the registry and force the dc to pick it up as an "authoritive restore.
3) Let the primary dc settle down for a few hours to make sure it was updated and functioning as the main dc.
4) Restored the secondary dc (non authoritive restore) , and let replication happen

End result all good and no issues.
 
Last edited:
The_Librarian said:
So the one (primary) domain controller (in a VM) went titsup over this weekend what with the loadschitting and all that.

I have got a backup of the VM, but it was made 7 days prior.

Will I have any issues in just restoring this DC to a working state and proceed as usual? Or do I have to rebuild?

This DC had all the FSMO roles etc, and it was the first DC to be started up when creating the domain.
Click to expand...
*sees a Libs thread*

Expected the 2003DC to have another wobbly :ROFL:
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X