Restoring Domain Controller w/FSMO Roles?

Discussion in 'Acronis True Image Product Line' started by 2marshall8, Apr 7, 2009.

Thread Status:
Not open for further replies.
  1. 2marshall8

    2marshall8 Registered Member

    Joined:
    Apr 11, 2006
    Posts:
    18
    I am looking at upgrading my "Primary DC" or the DC that has all the FSMO roles to new hardware and want to keep all my settings and programs and migrate these to the new server. My concern is when I upgrade to the new hardware and restore the existing acronis image how can I successfully do this and retain proper active directory replication between my 9 dc's. I don't want USN rollback hell.

    My Sites Look Like this and are connected over a VPN

    dc= all 5 FSMO roles and global catalog
    site1= global catalog
    site2= global catalog
    site3= global catalog
    site4= global catalog
    site5= global catalog
    site6= global catalog
    site7= global catalog
    site8= global catalog
    site9= global catalog

    I have done successful restores on sites 1 through 9. I basically booted upto acronis, did the restore, booted into directory services restore mode, restored the system state in a non-authoritative fashion, and then rebooted into windows and everything replicated and synced back up fine.

    My concern is can I follow this same procedure with the domain controller that has my 5 fsmo roles or should I do something else? What do you recommend?

    thanks
     
    Last edited: Apr 7, 2009
  2. Acronis Support

    Acronis Support Acronis Support Staff

    Joined:
    Apr 28, 2004
    Posts:
    25,885
    Hello 2marshall8,

    Thank you for your interesting in Acronis True Image

    In order to successfully restore machine running a Domain Controller you must check the “Enable VSS support” box in the Database support window of Acronis True Image (Tools -> Options -> Default Backup Options).

    The safe way to back up an Active Directory server is to first back up Active Directory using Microsoft Ntbackup (see Active Directory Backup), and then use Acronis True Image to back up the server itself. If you need to restore the Active Directory server, you should use Acronis True Image to restore the server itself and then restore Active Directory using Microsoft Ntbackup (see Active Directory Backup).

    Backing up

    1. Use Microsoft Ntbackup to back up Active Directory. For information with using multiple domain controllers see Windows 2000/2003 Active Directory is out of Sync After Primary Domain Controller Rollback. In Windows Server 2008 use Windows Server Backup.
    2. To make sure the backup can be restored without the Ntbackup in a single domain controller environment please follow these steps for a Windows 2000 domain controller:

    Stop ntfrs and netlogon services either manually or using the Before/after data capture commands option of Acronis True Image:
    Run the Backup wizard, select the drive you want to back up and choose the type of backup;
    On the Choose Backup Options screen select Set the options manually;
    On the Backup Creation Options screen, select Before/after data capture commands -> Use data capture -> Before data capture -> Edit;

    Create a batch file with the following commands:
    net stop ntfrs
    net stop netlogon

    Place the batch file in the system32 folder of the Windows operating system directory.
    In the Command field type in the path to the batch file;
    In the Working directory field type in the path to the system32 folder:

    Click OK and then select After data capture -> Edit;

    Create a batch file with the following commands:
    net start ntfrs
    net start netlogon

    Place the batch file in the system32 folder of the Windows operating system directory.
    In the Command field type in the path to the batch file;
    In the Working directory field type in the path to the system32 folder.
    Click OK, then hit Next to go through the rest of the Backup wizard.

    3. If a Windows 2003 Server VSS can be used instead to make the active directory database consistent in the backup, see Domain Controller Cannot Start after Restore

    Restoring

    1. Restore the image of the server using Acronis True Image;
    2. Restore Active Directory using Microsoft Ntbackup

    Best regards,
    --
    Dmitry Nikolaev
     
  3. 2marshall8

    2marshall8 Registered Member

    Joined:
    Apr 11, 2006
    Posts:
    18
    I cannot get to this last hyperlink to the article on "Domain Controller Cannot Start after Restore". It asks me for a login and password.
     
  4. Acronis Support

    Acronis Support Acronis Support Staff

    Joined:
    Apr 28, 2004
    Posts:
    25,885
    Hello 2marshall8,

    Thank you for your interest in Acronis True Image

    Use the following link

    Best regards,
    --
    Dmitry Nikolaev
     
  5. 2marshall8

    2marshall8 Registered Member

    Joined:
    Apr 11, 2006
    Posts:
    18
    I have one question that I need answered from someone with experience in this area before I do this transition.

    I would like to know if I do the repair install (which I must do due to creating dynamic disks which prevents me from a universal restore) and follow the below steps will this successfully get me up on the new server with replication working from all the DC's in my domain?

    --== Migration Steps ==--

    1. Uplug the network cable from the HP machine
    2. Backup through acronis system and data partitions on DC
    3. Backup system state on dc – make sure this is the latest
    4. Shutdown and Turn off DC
    5. take this backup drive over to the hp and load the acronis system and data volumes onto it
    6. Upon boot things will not work (Auto reboot occurs with quick blue screen) so we bootup to a windows 2003 sp2 disc and do a repair installation of windows
    7. When this finishes it’s repair and we are in windows we reboot again into ad restore mode.
    8. ** The network cable is unplugged this entire time **
    9. change data volume drive letter in ad restore mode to e: - this will display shares correctly again
    10. restore the system state we just backed up – this is a non-authoritative restore of active directory
    11. reboot into normal mode making sure the network cable is still unplugged and setup the network IP information
    12. reboot again into normal mode and check logs to make sure everything is correct. Replication will now occur between all the dc’s
    13. As it’s rebooting and in the bios connect the network cable. This is in relation to the above step
    14. setup any other remaining areas to get the DC back into it’s original state
    a. uninstall dell utilities and install HP monitoring ones
    b. Check online backup core data program
    c. Check auction tracker firebird install
    d. Apps to Check
    i. Veritas
    ii. Undelete
    iii. Diskeeper
    iv. Windows Updates
    v. Free SMTP Server
    vi. Delta Copy
     
Thread Status:
Not open for further replies.