In this Blog we will be performing Active Directory Domain Recovery for US site. In part one we understood what data is important before performing recovery. Post Metadata Cleanup the DC2 for US site is completely removed from network. Active Directory has no information about DC2. Now its safe to perform DCPROMO from US site.
Under Active Directory Sites and Services ensure that Subnet is properly configured and also Site name “US” exist for US site.
While Running DCPROMO the Wizard will automatically locate US site based on the IP address and Subnet Masks. If the wizard is not able to locate the site then first fix that and then proceed further.
DNS server should be reachable.
Post running DCPROMO this what you should see under Active Directory Users and Computers.
Figure 2.1 : Data available on DC2.
In figure 2.1 we are now able to see the exact data which is available on both DC. This is the flexibility of Active Directory. With a multiple Domain Controllers it is fast and easy to restore the entire network. Provided they are reachable.
Under DNS in Name Servers Tab the recovered DC should be listed post DCPROMO.
Commands to check if the recovery has succeeded.
Figure 2.2 : US site
In figure 2.2 the site US is now available.
Figure 2.3 : DSGETDC
DSGETDC lists almost all basics information which will help us to understand much better.
Figure 2.4 : DCLIST
In figure 2.4 it will give us more information based site names.
The above commands were performed from DC2 which was recovered.
Now so far we have seen DC behavior and also basic commands.
Its time to check what clients have to say.
For testing purpose we have rebooted the client machine so that local clients are able to locate local DC in their respective site.
Figure 2.5 : User Name, Client Machine Name.
In figure 2.5 the user name is User1 and the computer name is CLIENT1 and the logon server is “DC2” this is the desired result.
Figure 2.6 : DNS Result.
In figure 2.6 DNS Result is not able to locate DC2 along with FQDN name and also IP address. Which is a good sign.
In this two part series what we have learnt is without performing AD System State restore we were able to recover based on the data available on another site.
Conclusion : It is highly recommended that we should have at least two domain controllers to perform the steps listed in the two part article.
If you wish to read the first part of this blog series please click below.
MSEXCHANGETEAM | Ideas That Clicks