Server information of each site
Site A (Production)
Server A1 (Application Server - Windows cluster)
Server B1 (Database Server - Windows/MS SQL cluster)
Server C1 (Database Server - Windows/MS SQL cluster)
Server F0 (Existing Domain controller), F1 (New Domain controller)
OS (Windows 2003 server enterprise R2/SP2)
OS for Server A1, B1, and C1 are on external SAN volumes.
OS for Server F1 are on internal disks.
Site B (DR - Disaster Recovery)
Server A2 (Application Server - Windows cluster)
Server B2 (Database Server - Windows/MS SQL cluster)
Server C2 (Database Server - Windows/MS SQL cluster)
Server F2 (Domain Controller - Fresh installation OS only)
Server D (Fax Server)
Server E (Citrix Server)
OS (Windows 2003 Server enterprise R2/SP2)
OS for Server A2, B2, and C2 are on external SAN volumes. The OS for these
servers is replicated from OS of servers (A1, B1 & C1). Hence the
configuration of servers (A2, B2 & C2) is exactly the same as servers (A1, B1 &
C1).
OS for Server F2, D & E are on internal disks.
Server F2 is configured with basic OS with the same IP address and Host name
as of server F1.
Setup & Configure Step (1st time)
Site A
Configure Server F1 at site A as additional domain controller along
with existing domain controller. These domain controllers serve
domain "XYZ.com".
The server F1 holds all the FSMO roles except Infrastructure role.
Configure Server A1, B1 and C1 server and join to domain "XYZ.com"
Bring servers D & E to Site A (Production) from Site B (DR)
Setup and configure servers D & E and join to domain "XYZ.com" at
Site A
After joining domain "XYZ.com" for servers D & E, move back both
servers to Site B (DR).
Perform a full or system state backup at site A from existing AD
server F1 using "ntbackup" and copy backup file (.bkf) from domain
controller (F1) at site A to domain controller (F2) at site B.
Site B
Restore backup file (.bkf) on domain controller (F2) at site B.
Now server F2 becomes new independent Active Directory server at site
B.
Replicate OS (using IBM SVC) of servers A1, B1, and C1 at Site A to
servers A2, B2 and C2 at site B respectively.
Bring up Server A2, B2, and C2
On boot, servers are able to login as domain member.
Servers D & E (Fax & Citrix) which were joined at Site A and brought
back to site B are now booted up at Site B.
Servers D & E (Fax & Citrix) are also able to login as domain members.
Periodic restore (Perform DR restore & Testing - Daily or weekly)
Note: At DR Site all servers D, E, F2, A2, B2 and C2 were already able to
join and login as domain member when first time setup & configuration was
done. But to keep the Active Directory server at site B up to date as Active
Directory server at site A, we are backing up the Active Directory server
(F1) at site A and restoring it on Active Directory server (F2) at site B
periodically.
Perform a full or system state backup at Site A from existing AD
server F1 by using "ntbackup" and copy backup file (.bkf) from site A
to site B.
Perform restore on AD at site B using latest backup file.
Boot up servers A2, B2, C2 and try to login as domain member, but
login fails.
Boot up servers D & E server, try to login as domain member, but
login fails.
It is not necessary that it will fail on second restore. Sometimes it
works even if we restore Active Directory server several times in 3-4
days, but after 3-4 days or 1 week when we backup and restore only
Active Directory, some of the servers (A2, B2, C2, D & E) are not able to
login as domain members.
But since OS of servers A2, B2 & C2 are on external SAN disks, we can
replicate the OS of servers A1, B1 & C1 to servers A2, and B2 & C2. In
this case these servers (A2, B2 & C2) are able to login as domain
members.
But OS for servers D & E is not on external disk and we can not
replicate OS for these two servers.
For example, the servers (A2, B2, C2, D & E) were able to login as
domain member on 30th June with the backup file of Active Directory also
of the same date. So for next few days (1st July and 2nd July) we
performed backup of Active Directory server (F1) and restored it on
Active Directory server (F2) at site B. We booted the member servers and
the servers could join as domain members. But later, after a few days, say
4th July, we performed backup again of Active Directory (F1) at site A
and restored it on Active Directory server (F2) at site B. This time we
booted the member servers, but these servers could not login as domain
members.
So to check whether the newly restored AD server (F2) also requires the
OS of servers at the same moment or close to some range of time, we
replicated OS of only A2, B2 and C2 on 4th July and booted these servers.
Then these servers were able to login as domain members.
We have tested the above cycle several times and our observation is same
every time.
Question:
Why are servers (A2, B2, C2, D & E) not able to login as domain
members after 3-4 days?
Why are servers A2, B2 & C2 able to login as domain members after
replicating OS?
Any permanent solution?