Subscribe

Active Directory aware backups

Hi All

 

I have just performed a DR test with our active directory using both a snapmirror and vault flexclone snapshot and it hasnt gone as expected.

 

Due the way the snapshot is performed I believe it has caused issues with the restore, none of my ADs can replicate properly however the Virtual server is up.

 

Does netapp support an active directory aware backup. Could this be achieved by one of the Snap Manager products similar to Exchange, Sharepoint SQL etc?

 

Many Thanks

 

Re: Active Directory aware backups

In short - no, there is no explicit AD-aware backups in NetApp suite (unless we consider SnapProtect as a NetApp product)

 

AD DCs replicate between each others, so from a DR point of view this should protect you from a site outage

 

If the content of AD requires rolling back to a previous state (e.g. someone "accidently" deleted 1000's of user accounts Smiley Wink), you can do a so called Authoritative Restore from NetApp snapshot on one of your PDC, then the changes should be propagated to other DCs in the environment:

https://technet.microsoft.com/en-us/library/cc940334.aspx

 

Regards,
Radek

Re: Active Directory aware backups

Thanks for that input.

 

The DR test was really to check the integrity of the active directory restore, as we have 5 active directory servers which I restored, there was no replication working, apparently this is due to USN rollback

 

https://support.microsoft.com/en-us/kb/885875?wa=wsignin1.0

 

in short I needed to go back to one domain controller (the one with the FSMO roles) and then force removal and perform a meta data cleanup of the other DCs, then once this was performed I could then repromote the other DCs back and then replication began working.

 

apparently to prevent this issue I do need to use a AD aware backup, its a shame the Netapp out of the box there is no offering but will certainly look at Commvault.

 

The good news is if your using Windows 2012, this is no longer an issue and you can restore virtual AD servers without issue....

 

http://blogs.technet.com/b/reference_point/archive/2012/12/10/usn-rollback-virtualized-dcs-and-improvements-on-windows-server-2012.aspx

 

Cheers