Single domain server - preparing for disaster

LoStMaTt

So a couple of my clients rely on a single server that hosts their domain, user documents and one SQL database application.

I currently have a file based backup solution but want to have some other type of backup that would secure their system in case of total failure.

What would you guys recommend?

I have a few clients running exactly like this and would like to sleep better at night.

Edit: I'm guessing it would have to be some kind of hardware independent disk image of some kind? One that I could restore to a new server to new hardware?
 
If they're really that small then a rotating bare metal backup kept offsite would probably work fine.

You can always pay for online storage. Or buy a NAS that uses iSCSI, connect the server to that, attach an iSCSI disk and use Windows Server Backup to that iSCSI disk.
 
If any of them are due for new hardware, strongly consider virtualization. Easy, as configured, image level backups. The right software can reach in and do your file level and/or exchange restore as well.
 
Look at StorageCraft ShadowProtect on a small, but powerful workstation with multiple disks. They have several lines of the ShadowProtect product, but the overall need for your BDR is hardware independent recovery and VM boot-ups. You can use their ImageManager product to "boot" a backup as a VM. They've integrated VirtualBox into their product so your backups can be spun into fully loaded VMs in a couple minutes.
 
+1 I use the StorageCraft products at work and at home.
 
Another + for ShadowProtect. We have multiple clients running 1 server domains with ShadowProtect. Some do an external hard drive rotation into a fire/theft safe to protect in case of disaster.
 
In a single-server domain controller environment, recovering from a file-based backup suffers from the chicken/egg problem.

Can't recover the domain controller until you have an OS. Can't recover the OS until you have your backup software installed. Can't recover AD until you have a Domain Controller. Oh, and you did document all Windows Update Patches that were installed just prior to the untimely death of the server, right? ;)

A full-disk, image-based backup is the only appropriate backup in this scenario for, at minimum, your C drive. The solution MUST support an out-of-band recovery mode (bootable USB/CD, etc).

It really should also support the ability to recover to foreign metal, in the event of hardware death. Not supporting this could scrap your whole recovery process when you most needed it.

Honestly, user data is easy to recover. Applications less so, and AD in a single DC environment - a PITA. In the few environments that I've supported where they're small and only have a single server, I've convinced them to install a small desktop computer. Nothing fantastic, but it has Windows Server installed on it and it is a domain controller. The OS license is the most expensive line item in this instance. This is what I've done in order to help avoid the chicken/egg problem inherent in a single-server DC environment. This way when the DC dies, I still have a live copy of AD running, I can do what I need to do to recover the old server's data and applications and simply roll a fresh DC. Well, not entirely simple - need to clean out stale records from NTDS, etc.
 
Virtualization, even if a single server, is the way to go these days. Hyper-V makes it extremely simple. It solves the foreign bare metal install issue in the face of hardware failure and makes backups a TON easier.

That said, I try to always run 2 DCs as well. Quite frankly the best disaster setup for AD is an offsite 2nd DC, but that is not usually an easy option.
 
Does no one else use Windows Server Backup in 2008 to do a full backup to an external hard drive? It supports bare metal backup/restore for a local backup/restore. No extra software needed and you can mount the VHD to do a file recovery if needed... This would be a swap local hard drive in a safe method...

Or virtualize which makes restoring independent of the hardware.
 
Tell them to stop being so goddamn cheap, grab a cheap Dell tower server on sale for like $300 and get a 2nd AD/DC server up, period, done!

Heck, take some old crappy desktop they got lying around and make an AD/DC out of it...

Heck, invest in a semi-okay box and, as above said, do offsite read only for them... start a business from it!
 
As pointed out by another, not having 2 domain controllers is plain stupid.

When you have only one DC your restoration software must be:

  • A full image type
  • Available to be deployed offline
  • Able to deploy to different bare metal
  • Be AD aware



It's cheaper/smarter to take ANY PC and install Windows Server on it with the DC role. Even if it's a Best Buy special it fixes half the problems above and gives you the option to use more normal backup and restore options for your primary box.
 
"If they're running SBS of some flavour it may not be so easy."


SBS has no issues with a 2nd or 3rd DC being on the domain
 
I would set up another server to act as a "backup" domain controller. Does not even have to be redundant, even a spare laptop would do at this point though obviously a real server is better. Just keep the FSMO roles on the main one. When the FSMO DC goes down you're still dead in the water but at least you did not lose all the AD accounts and other info. Set up a new DC then let it sync up. You can also force FSMO roles on the backup DC to get running again. Huge pain in the ass though. Been through that once, not fun.

Virtualization also makes image level backups easier. Stuff like AD is very hard, if not impossible, to recover with just files since everything is so deeply embedded everywhere like the registry etc.

It's good to have image level backups of systems that host specialized stuff since often there's more to it than just files.
 
It's the time stamp tombstone stuff that makes AD break if a DC goes down and you only have one DC.

That's why normal non AD backups are useless.

You restore the backup and the timestamps are all off, so the whole system pukes.

AD aware backups reset the system and are aware of when the backup was taken and when it is being restored and make the necessary changes to allow the system to come back online without puking, but AD aware backup software is not cheap. Usually $300+ on sale and $699+ without sales.
 
The issue with SMS could be they don't want to pay $600 for a Server 2012 license on top of the server.
 
The default tombstones vary greatly, based on when the forest was created and updated but it is between 60 and 180 days. Provided that the backup you are recovering from is less than the tombstone age for your forest, then recovering from a straight image is AOK, as any surviving domain controller will overwrite the stale information during the next replication. This would be no different than taking a DC offline for a month or two and starting it back up. So long as it replicated prior to the tombstone lifetime, it is safe. Outside of that, in the quiet words of the Virgin Mary, you're screwed.

But mind you that Microsoft's preferred method of domain controller recovery is to roll a fresh host and promote it. Recovering a DC from backups is only recommended when there are no other surviving domain controllers for you to replicate with.

A benefit of having an AD-aware backup process is that the backup process will truncate transaction logs, which will reduce the space consumed on your windows\ntds folder and will get rid of those pesky event logs warning you that your domain controller hasn't been backed up in the past 30 days (if memory serves me).
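
Added example, not part of any post in this thread: a PowerShell check that reads the forest's tombstone lifetime and flags image backups that are older than it, or close to it, which is the condition the post above describes for a safe image restore. The backup folder path, the `*.vhd*` filter, the 14-day warning margin and the use of each file's last-write time as the backup time are assumptions.

```powershell
# Added example, not from the thread. Needs the ActiveDirectory (RSAT) module
# and a reachable domain controller.
Import-Module ActiveDirectory

function Get-TombstoneLifetimeDays {
    # tombstoneLifetime lives on the Directory Service object in the
    # configuration partition of the forest.
    $configNC = (Get-ADRootDSE).configurationNamingContext
    $dsPath   = "CN=Directory Service,CN=Windows NT,CN=Services,$configNC"
    $ds = Get-ADObject -Identity $dsPath -Properties tombstoneLifetime
    # An unset attribute means the forest uses the built-in default of 60 days.
    if ($null -eq $ds.tombstoneLifetime) { return 60 }
    return [int]$ds.tombstoneLifetime
}

function Test-ImageAgainstTombstone {
    param(
        [Parameter(Mandatory = $true)][datetime]$BackupTime,
        [Parameter(Mandatory = $true)][int]$TombstoneDays,
        [int]$WarnMarginDays = 14,          # assumed safety margin
        [datetime]$Now = (Get-Date)
    )
    $ageDays = [math]::Round(($Now - $BackupTime).TotalDays, 1)
    if     ($ageDays -ge $TombstoneDays)                     { $status = 'Expired' }
    elseif ($ageDays -ge ($TombstoneDays - $WarnMarginDays)) { $status = 'NearLimit' }
    else                                                     { $status = 'OK' }
    [pscustomobject]@{
        BackupTime    = $BackupTime
        AgeDays       = $ageDays
        TombstoneDays = $TombstoneDays
        Status        = $status
    }
}

# Hypothetical location of the rotated image backups; adjust to your target disk.
$BackupFolder = 'E:\WindowsImageBackup'
$limit = Get-TombstoneLifetimeDays

Get-ChildItem -Path $BackupFolder -Recurse -Filter '*.vhd*' |
    ForEach-Object {
        # File last-write time stands in for the backup time (assumption).
        $r = Test-ImageAgainstTombstone -BackupTime $_.LastWriteTime -TombstoneDays $limit
        $r | Add-Member -NotePropertyName Image -NotePropertyValue $_.FullName -PassThru
    } |
    Sort-Object AgeDays |
    Format-Table Image, AgeDays, TombstoneDays, Status -AutoSize
```

Run on a schedule, this shows when the newest offsite image in a drive rotation has drifted toward the tombstone limit, before a restore is ever needed.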
 