Alfred's New Ramblings

The importance of the domain controller

The first step of any site disaster recovery (DR) is the recovery of the domain controller.   This server holds all the user and service accounts and controls the rest of the servers.  Without it, the entire IT infrastructure won’t really work. You will find by now that it is a chicken and egg situation; you need an operational domain controller to restore the backup copy. Hence rule number 1

1. Always have a working domain controller at an off site location. Off site does mean the other office on the 12th floor or Tower B. Off site means literally another office in another city block or another suburb.  Why?  If there is a large fire, the police will cordon off and evacuate all persons within the affected property.

You do not need to buy a spanking new top of the line server for this.   Just a physically secured PC will do. During normal functions, this server is working as a cache.  If there are users at the same site, it will help to authenticated them.  In the event of a disaster, it will be the queen bee to create more domain controllers.

If the organization is a small single site outfit, consider having the off site domain controller located in your cubicle.  Do not use your work PC as a domain controller.  Otherwise any virus infection or operational mistake will knock out your whole organization.

If the off site has sufficient space to be a DR data center, that would be excellent.  If not, you need to go over there, get the doors open and alarms disabled, cart the PC to your DR data center.

There are now new technologies to make your life easier.  Consider the options:

1. Disaster Recovery restore option from Backup Exec  or  Arcserve.  These products works best when the target server hardware is the same as the source server. If you have this, you will need to keep the required boot CD up to date.  You will also need to test this after any hotfix or service pack update of the backup software.

2. Virtualization. It is possible to operate one of the production domain controller as a virtual or guest.  For day to day backup, just backup the entire fire image or vmdk file.  All you need to restore is just this set of files and you are good to go.  There are some issues to consider.

How is the backup performed and how you plan to restore.  If you are going to use FTP to save on the necessary software options to talk to the virtual hosts, remember to add some alerts so that you know that it is working.

Some food for thought

Related posts:

  1. Outlook 2007 Free/Busy and Exchange 2003
  2. Replmon and NWlink
  3. Giving a presentation without a projector.
  4. Gone
Tagged on:
By AL | August 12, 2011 | Work | 1 Comment |



One thought on “The importance of the domain controller

  1. Pingback: Practical disaster recovery plans – Alfred's New Ramblings

Leave a Reply

Your email address will not be published. Required fields are marked *