Restoring read only domain controller from VM checkpoint

active-directory domain-controller hyper-v rodc virtualization

I have several RODCs on remote sites, and sometimes power failures corrupt the ADDS database, which takes some time to recover. I'd like to move the RODCs to virtual machines (on the same server) so that, in case of failure, I can just roll back to a previous checkpoint. I know that it should not be done in the case of a writeable DC, but I can't find any mention of RODCs.

OS: Windows 2008R2 Standard

VM: Hyper-V

Summary: Can an RODC be rolled back to a saved state on Hyper-V? What should I do to force synchronization after such a rollback?

Best Answer

IIRC Hyper-V snapshots are supported in Windows Server 2012. In all cases, snapshots are equivalent to "restore from backup", so you should honor the general rules of restoring AD from backup. The most important parameter is the TSL (Tombstone Life Time), i.e. restoring a snapshot older than the TSL can cause a lot of trouble. It's better and easier to rebuild the RODC in that case.

UPDATE:

Some of Microsoft's recommendations:

"...Do not use the Snapshot feature as a backup to restore a virtual machine that was configured as a domain controller. Problems will occur with replication when you revert the virtual machine to an earlier state. For more information, see USN and USN Rollback. Although using a snapshot to restore a read-only domain controller (RODC) will not cause replication issues, this method of restoration is still not recommended..."

Found under: Backup and restore practices to avoid
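The tombstone-lifetime rule from the answer above can be checked before a revert. The following PowerShell is an added example, not part of the original answer or of Microsoft's guidance: it reads the forest's `tombstoneLifetime` and compares it with the age of a checkpoint. The function name `Test-RodcCheckpointAge`, the checkpoint time supplied by the caller, and the 7-day safety margin are assumptions made for illustration.

```powershell
# Added example: decide whether a checkpoint is still younger than the forest
# tombstone lifetime. Requires the ActiveDirectory module (RSAT / 2008 R2+).
Import-Module ActiveDirectory

function Test-RodcCheckpointAge {          # hypothetical helper name
    param(
        [Parameter(Mandatory = $true)]
        [datetime]$CheckpointTime,         # when the checkpoint was taken (caller supplies it)
        [int]$SafetyMarginDays = 7         # assumed margin, not a documented value
    )

    # tombstoneLifetime is stored on the Directory Service object in the
    # configuration partition of the forest.
    $configNC = (Get-ADRootDSE).configurationNamingContext
    $dsObject = Get-ADObject `
        -Identity "CN=Directory Service,CN=Windows NT,CN=Services,$configNC" `
        -Properties tombstoneLifetime

    # If the attribute is not set, AD DS falls back to a default of 60 days.
    $tslDays = if ($dsObject.tombstoneLifetime) { [int]$dsObject.tombstoneLifetime } else { 60 }

    if ($CheckpointTime -gt (Get-Date)) {
        throw "CheckpointTime is in the future; check the host clock and the input."
    }

    $ageDays   = ((Get-Date) - $CheckpointTime).TotalDays
    $limitDays = $tslDays - $SafetyMarginDays

    New-Object PSObject -Property @{
        TombstoneLifetimeDays = $tslDays
        CheckpointAgeDays     = [math]::Round($ageDays, 1)
        # False means: older than TSL minus margin, rebuild the RODC instead.
        WithinTombstoneLife   = ($ageDays -lt $limitDays)
    }
}

# Constructed sample input: a checkpoint taken 20 days ago.
$result = Test-RodcCheckpointAge -CheckpointTime (Get-Date).AddDays(-20)
$result | Format-List

if (-not $result.WithinTombstoneLife) {
    Write-Warning "Checkpoint is too old relative to the tombstone lifetime; rebuild the RODC rather than reverting."
}
```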