Replication Lag Site: Active Directory DR
- From: RC <RichJChristy@xxxxxxxxx>
- Date: Wed, 26 Dec 2007 14:13:03 -0800 (PST)
Has anyone every considered setting up a replication lag site for DR?
Came across an interesting artical regarding this DR method.
Essentially you create a "lag" site by putting a domain controller
from each domain in the forest into its own site with a site link to
the "lag"site. Configure the lag-DR site link for a replication
frequency of 96 hours. That means that the DR site domain controller's
copy of the AD will be 96 hours behind the rest of the forest. If a
user accidentally wipes out 10,000 users and/or a couple OU's you now
have a DC that has a copy of the AD before the deletion took place.
You can go to the DC in the lag site, which still has a copy of the AD
before the deletion and perform an authoritative restore using that
DC's copy of the AD, and push it out. Again, this depends on when the
lag site replicates and when the deletion took place. If replication
takes place on Monday and Friday, and the deletion happens Thursday
night, then you have a small window of opportunity but still the
window of oppertunity is there and rather easy to get back up and
running.
thoughts???
.
- Follow-Ups:
- Re: Replication Lag Site: Active Directory DR
- From: Jorge Silva
- Re: Replication Lag Site: Active Directory DR
- Prev by Date: Re: IE History with Temp Internet files
- Next by Date: Re: howto: remove "extra registry settings" showing in GPO
- Previous by thread: Re: IE History with Temp Internet files
- Next by thread: Re: Replication Lag Site: Active Directory DR
- Index(es):
Relevant Pages
|
