Active Directory Disaster Recovery in a Small Business

active-directorybackupdisaster-recoverywindows-server-2003windows-server-2008

This is hypothetical question, but one I’m sure that someone must have encountered and/or given some thought to before.

Situation:
Consider this, a small business is running an Active Directory domain and has two domain controllers which are located in their office. The domain controllers are both physical servers (no virtualisation).

A system state backup of the domain controllers is run every day.

The company suffers a disaster (a fire or flood) that damages their servers beyond repair.

The company would like to rebuild their domain controllers using the backups however they cannot get hold of the same make and model of servers (because they’re a few years old). This presents them with a problem because Active Directory is backed-up as part of the ‘system state’ which means it’s tightly coupled to the original hardware.

Summary:
Unless a small business has the ability to host one domain controller offsite (to safeguard against a potential disaster that damages all the servers at their office) then at least one of their domain controllers must be virtualised in order to make the restore process hardware agnostic (thus not requiring them to buy the exact same model of server). Would you agree?

Best Answer

No I do not agree. In fact, even a Win 2003 DC it is possible to restore to different hardware and salvage AD. Now, you probably want to get a fresh install of Windows up on another box after the restore to replicate AD to and then demote the restored box since it probably isn't the stablest of systems, but it works. Google "active directory backup and restore" and the first link is http://technet.microsoft.com/en-us/library/bb727048.aspx. Here is the section you need to pay attention to:

Considerations for restoring onto different hardware

It is possible to restore a domain controller onto different hardware. However, you should consider the following issues:

Different hardware abstraction layers (HALs). By default, the Hal.dll is not backed up as part of system state, however the Kernel32.dll is. Therefore, if you try to restore a backup onto a computer that requires a different HAL (for example, to support a multiprocessor environment) compatibility issues exist between the new HAL and the original Kernel32.dll. To overcome this incompatibility, manually copy the Hal.dll from the original computer and install it on the new computer. The limitation is that the new computer can use only a single processor.

Incompatible Boot.ini File. If you backup and restore the boot.ini file, you might have some incompatibility with your new hardware configuration, resulting in a failure to start. Before you restore it, ensure that the boot.ini file is correct for your new hardware environment.

Different Network or Video Cards. If your new hardware has a different video adapter or multiple network adapters, then uninstall them before you restore data. When you restart the computer; the normal Plug and Play functionality makes the necessary changes.

Disk Space and Partition Configuration. Partitions on the new computer must match those on the original computer. Specifically, all the drive mappings must be the same and the partition size must be at least equal to that on the original computer.

Related Topic