Search

Server

Replicating Active Directory

Author: Ian Murphy

Posted: 20 November 2008

Category: Server

Tags: , active directory, back up active directory, backing up active directory, replicating active directory, Windows Server

This is one of the easiest systems to add redundancy to. Active Directory contains all the information about your customer’s users and machines. If this fails, and you have no backup, they have a problem.

But even if you’re backing up their AD, backups can fail and changes can take place outside of the backup schedule. If those changes include user passwords, this can become a real problem. As well as taking regular (daily) backups, you can protect AD using server replication.

In principle this is simple but much depends on the complexity of your organisation. For a single office you can use a virtual machine on another local server as a backup domain controller.
If you have multiple mid-sized offices where bandwidth between offices is an issue, you might want to have multi-masters where each site is supported by its own domain controller. These are then synchronised so that a failure at one site will be covered by a domain controller on another site.

To create a backup domain controller using a virtual machine:

1. Install Microsoft Virtual Server or VMware Server on an existing computer.

2. Install Windows Server as a member server and join it to the domain.

3. Login as a Domain Administrator.

4. Start Server Manager.

5. Run the Add Roles wizard.

6. Select Active Directory Domain Services which launches the Active Directory Domain Services Installation wizard.

7. On the Deployment Configuration page, go to Existing Forest then Add a domain controller to an existing domain.

8. When asked for credentials, select 'Use existing’.

9. Select the domain from the next page.

10. Select the site – this is very important if you are using multiple sites.

11. By default, the new server will be configured as a DNS Server and a Global Catalog server. With Windows Server 2008, Microsoft added a new capability, Read-Only Domain Controller (RODC).

12. Set the location for the database, log files and Syslog directories.

13. When prompted, enter the Directory Services Restore Mode Administrator Password.

14. Save the settings so that you can use them to create another Domain Controller.

15. Finish and reboot.

If the primary domain controller fails, you can then promote this new domain controller to be the primary until you can repair the original domain controller.

You can then build a virtual machine on your own site and create another backup DC. This will provide the client with both local and remote protection.
Click Here to go to the main feature - Fail over, not fall over

Show other articles by this author

Turn DPM and Windows Storage Server into an app... (11 May 2010)
Types of Storage (10 October 2009)
Setting up SANmelody to create your own Storage... (10 October 2009)
Storage: Buy, Build or Restore? (10 October 2009)
Deploying Virtual Desktops using VDI and VMware... (29 March 2009)
Limitations of VDI (29 March 2009)
The architecture of VDI (29 March 2009)
Getting to grips with VDI (29 March 2009)
Is it time for Vista? Solutions for upgrade pro... (24 November 2008)
Backing up: save the data, save the day (21 November 2008)
Protecting against power issues in a small offi... (20 November 2008)
Failover, not fall over - how to keep running w... (20 November 2008)
Building clusters with Windows Server 2008 (20 November 2008)
Handling virtual and physical servers together (20 November 2008)

Email this page Printable version

Share |

Write comment

Name

Title

Write the displayed characters security image

Comment

smaller | bigger

Download

Next Issue - Sep 2010

Subscribe and get the magazine in the post before it's online

Subscribe and get access to all of the back issues

To read a sample eMagazine - March 2010

FREE SUBSCRIPTION!

Advertise

Request a media pack

Overseas Subcription

Only pay if you are outside the UK

If you are based in the UK - IT Expert is delivered FREE

Overseas: One Year Subscription $75.00

Pay below and send an email with your address to subs@itexpertmag.com

Latest White Papers

There’s more to communication than e-mail
2010-09-02T17:01:40
Five signs your file data is at risk
2010-09-02T09:11:48
The seven security myths of Microsoft Windows 7
2010-08-25T15:15:18
Virtualisation: Adjusting power and cooling to fit the physical gap
2010-08-24T14:42:01
Power and cooling management for the data center
2010-08-23T15:21:28

Download

Microsoft SMB Insight Report (2.2MB)

Because they can respond so quickly as business conditions change,small and midsize companies have an advantage in a volatile and uncertain economic climate".
Steve Ballmer, CEO, Microsoft

Facebook

IT Expert magazine

Promote Your Page Too

IT EXPERT TOP TIP

Download the Windows Server 2008 Administrative templates from http://www.microsoft.com/downloads/details.aspx?familyid=927fc7e3-853c-410a-acb5-9062c76142fa&displaylang=en&tm to get Group Policy setting information for the items under Administrative Templates.
In Windows Server 2008 and Windows Vista Administrative template files can be either ADMX (language-neutral) files, stored by default in the %Systemroot%\PolicyDefinitions folder or ADML (language-specific) files stored in a language-specific folder within that. read more

Search

Replicating Active Directory

Show other articles by this author

Download

Advertise

Overseas Subcription

Latest White Papers

Download

Facebook

RELATED STORIES

IT EXPERT TOP TIP

TAKE THE POLL

Unified communications

Key resources

MOST POPULAR STORIES

RECENT FEATURES

RECENT COMMENTS

RSS FEED