2 Blocks away: » Windows 2003 and Active Directory Disaster Recovery guide (needed or not?)

Windows 2003 and Active Directory Disaster Recovery guide (needed or not?)

Windows is, wether we like it or not, the standard in Office networking services. Active Directory is becoming a standard very fast, which makes it a crucial service in almost any medium to large sized company. Many of these do NOT have adecuate Disaster Recovery plans in place. I have written a few Disaster Recovery guides for Windows until now and the most recent ones about Windows 2003 and Active Directory. Since AD is so complex and Disaster Recovery is (or SHOULD be) a BIG part in the design and implementation process I have gathered all the needed topics that relate to this area.

I was told by a colleague that he would give gold to have a complete refence guide for Disaster recovery for windows 2003 and especially Active Directory that explains all the different options and possiblities AND the right steps.

I have the index included here as this is WAY too big to be an online article. I am thinking of getting it published since I am over 50% done with the whole thing (we are approaching quite a few pages!!) and I would like comments whether this is has areas missing or not and what the opinion of other people is, PDF download or paper print? What would you prefer? Would you even pay for such a guide? I am also inclined to make it free and just make it a big PDF and then just as for donations.

I am interested in hearing your opinions.

This is a more or less overview what will be included and does not reflect the final version but it gives you an idea.

Table of Contents

Preface
Who should read this book?
Description of the Operating Environment
How to use this book
Disaster Types covered by this document
- Single DC Hardware Failure
- Complete site hardware failure
- Single DC AD corruption
- Restore deleted objects
- Site AD corruption
- Corporate (Global) AD corruption
- Corporate (complete) Hardware failure
Part 1:Design and implement a Disaster recovery plan for your organization.
1. Active Directory design principles
2. What we don’t need: decisions
3. Lagsite design and implementation
4. Better save then sorry
5. Documents you need to make a proper disaster recovery plan
6. How to present it to the management
Part 2: Disaster Recovery:
1. Single DC Hardware Failure (most common)
  - Cleaning up the AD of old records after or before a DC re-installation
  - Installation of the DC
  - Promoting the DC
2. AD Corruption on a single DC
  - Option 1: Restoring AD from backup
    - NON-AUTHORITIVE RESTORE
  - Option 2: Replication
  - Option 3: Rebuild DC with Install from Media
3. Recovery of Deleted or lost objects
  - Authoritive Restore
4. Global AD corruption
  - Restore the first DC for the root domain
  - Restore the first DC in each of the remaining domains
  - Enable the DC in the root domain to be a GC
  - Recover additional DCs in the forest by installing Active Directory
  - Post recovery steps
5. Site AD Infrastructure (hardware) failure
6. Global AD Infrastructure (hardware) failure
Part 3: Recovery details
Recovery Steps explained:
1. To install the DNS Server service
2. To disable a Global Catalog
3. To raise the current RID pool
4. To delete server and computer objects of removed DCs
5. To remove the failed server object
6. To remove the failed computer account
7. To reset machine account password of the DC
8. To reset krbtgt password
9. Reset trust passwords on one side of the trust
10. To enable the DC in the root domain to be a Global Catalog
11. Precautions regarding different hardware
Preventive and measurements:
1. Backup strategies
1. Virtualization
Seizing FSMO ROLES
1. What are they?
2. Why are they so important?
3. Things to remember about FSMO
4. What happens if one role is non-existent?
Important things to consider when restoring AD from backup
Microsoft KB article 216993 explained
Micrsoft GPMC explained
References