none
Backup domain controller

    Question

  • Hi,

    I have a Windows Server 2008 active domain controller in a company of approx 30 employees.

    Do I need a backup domain controller aswell? Can this be a Windows Server 2003 machine?

    If not, can I use an old lower spec machine and just have it as a read-only domain controller?

    Is it just enough to backup the system state?

    Thanks in advance,
    G
    Thursday, June 19, 2008 8:30 AM

Answers

  • thegman said:
      
    Do I need a backup domain controller aswell?
        
      

       
    It is best practice to implement multiple Domain Controllers for redundancy.
       
    You don't need to implement a second Domain Controller, but the risk of having one Domain Controller is losing the user accounts, groups memberships and other information stored in Active Directory. If that's a risk you're willing to take, you don't need to implement a second Domain Controller.
      
      
    thegman said:

    Can this be a Windows Server 2003 machine?

       

       
    It depends on your domain functional level.
    When you promoted your server you had the opportunity to set the domain and forest functional level.
    If your domain functional level is set to Windows Server 2003 you can add a Windows Server 2003 Domain Controller.
        
    Checking your domain functional level in Windows Server 2008 looks remarkably similar to checking the domain functional level on Windows Server 2003. Log on to the Domain Controller with a user account that is a member of the Domain Administrators group. Open Active Directory Domains and Trusts. In the console tree, right-click your domain, and then click Raise Domain Functional Level. This screen will show you the domain functional level.
       
     
    t hegman said:

    can I use an old lower spec machine and just have it as a read-only domain controller?
     
     

       
    You can use a lower spec machine if you want to make a redundant Domain Controller.
    The Domain Controller fastest in answering your clients requests will be used. Using a lower spec machine will result in the 'backup' Domain Controller being used only when your current Domain Controller is busy or down.
        
    Read-Only Domain Controllers don't add redundancy. To add redundancy add a Read-Write Domain Controller.
        
        
        
    t hegman said:
      
    Is it just enough to backup the system state?
      
        

         
    To backup your Domain Controller it is enough to backup the system state.
    If any other important data lives on your server disks it might be wise to make backups of it too.
    Thursday, June 19, 2008 10:39 AM

All replies

  • thegman said:
      
    Do I need a backup domain controller aswell?
        
      

       
    It is best practice to implement multiple Domain Controllers for redundancy.
       
    You don't need to implement a second Domain Controller, but the risk of having one Domain Controller is losing the user accounts, groups memberships and other information stored in Active Directory. If that's a risk you're willing to take, you don't need to implement a second Domain Controller.
      
      
    thegman said:

    Can this be a Windows Server 2003 machine?

       

       
    It depends on your domain functional level.
    When you promoted your server you had the opportunity to set the domain and forest functional level.
    If your domain functional level is set to Windows Server 2003 you can add a Windows Server 2003 Domain Controller.
        
    Checking your domain functional level in Windows Server 2008 looks remarkably similar to checking the domain functional level on Windows Server 2003. Log on to the Domain Controller with a user account that is a member of the Domain Administrators group. Open Active Directory Domains and Trusts. In the console tree, right-click your domain, and then click Raise Domain Functional Level. This screen will show you the domain functional level.
       
     
    t hegman said:

    can I use an old lower spec machine and just have it as a read-only domain controller?
     
     

       
    You can use a lower spec machine if you want to make a redundant Domain Controller.
    The Domain Controller fastest in answering your clients requests will be used. Using a lower spec machine will result in the 'backup' Domain Controller being used only when your current Domain Controller is busy or down.
        
    Read-Only Domain Controllers don't add redundancy. To add redundancy add a Read-Write Domain Controller.
        
        
        
    t hegman said:
      
    Is it just enough to backup the system state?
      
        

         
    To backup your Domain Controller it is enough to backup the system state.
    If any other important data lives on your server disks it might be wise to make backups of it too.
    Thursday, June 19, 2008 10:39 AM
  • Many thanks for a very informative answer.

    G
    Thursday, June 19, 2008 2:19 PM