All: We are trying to pin down a policy for disaster recovery for our AD domain controllers. Reading various material, it seems to be all over the place. I've seen docs that cover everything from "it's replicated, you don't need to backup" to doing an image backups on all DCs.
We realize that for general server type of failures, we can simply replicate a new copy after a rebuild. We want to have a practice in place that will allow us to recover our AD database(s) in case of a scenario where we would need to rollback our AD to a previous state. Scenarios such as a bad schema change, a replicated corruption to all DCs/GCs, etc. What are other folks doing to protect their AD infrastructure? We currently are not running DNS on our domain controllers. Diane List info: http://www.activedir.org/mail_list.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
