forgot to mention As I know of AD aware backup programs trigger a restored DC to: * Generate a new invocation id for the AD db * Throw away the current rid pool and ask for a new one at the rid master * Puts the current SYSVOL contents asside and "regenerates" new content for the SYSVOL using inbound partners if these have new data or use the data that has been put asside on the restored DC if some of the data on the inbound partner has not changed * anything else....??? As I know of imaging tools don't that
#JORGE# -----Original Message----- From: [EMAIL PROTECTED] To: 'joe '; '[EMAIL PROTECTED] '; '[email protected] ' Sent: 5/6/2005 12:16 AM Subject: RE: [ActiveDir] best practice? Imaging works great (for stand alone servers), but you'll have to be carefull with the additional services installed on the server. Joe already mentioned IIS. Another service that "remembers" the old computer name is DNS, even if it is only installed and not configured! In my test (virtual) environment I still see the old computername in SOA and NS records. After doing some "repairs" everything works great again. Another one I experienced in my VM test environment was when I had a VM configured with w2k3 server, cloned that installation, used ghostwalker to change the name and SID, and after that tried to configure NLB. It kept telling me the second NIC was already listed and that it could not be used again. And I only had configured the first NIC into the NLB config. The problem here was that the HW was not PnPed and because of that the NIC on both servers had the same GUID (look into HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\<GUID>) After removing the NIC in Device manager and scanning for HW changes the NIC got a new GUID and it worked after that. There could be more of these hidden things In my opinion to clone servers quick and dirty for test environments you could use anything, but for production machines I prefer (always) using SYSPREP (supported and free) I wonder, how does microsoft look at the different SID changing utils available? I remember someone telling me that MS only supports SYSPREP and it does not support NewSID, Ghostwalker, etc. Is this true? Cheers #JORGE# -----Original Message----- From: [EMAIL PROTECTED] To: [email protected] Sent: 5/5/2005 7:02 PM Subject: RE: [ActiveDir] best practice? What did you use to change the SID? NewSID? If so it is probably ok for most uses. I assume you rejoined the domain with the new name? Imaging a member has worked quite well and often in my experience though you can run into places where it remembers the old name, for instance like installing IIS and possibly other things. When it generates the IIS accounts for running the various pieces it tends to recall the old machine name and usesthat in the names. I expect it is buried in the meta data somewhere but have never worried enough to go looking for it. That being said, I have never done this in a cluster. I am sure the HP Engineer was umcomfortable with it simply because he/she didn't have experience with it and when building a cluster, I would expect the idea would be to do everything in well known ways considering the reasoning for building clusters in the first place. _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Peter Jessop Sent: Thursday, May 05, 2005 12:47 PM To: [email protected] Subject: Re: [ActiveDir] best practice? When I was installing two servers in a cluster (member servers) I simply installed the os in one on mirrored disks, took out one of the disks and put it in the second server. Regenerated the two mirros, changed the name and SID on the second one and then installed the cluster service on both. It hasn't given any problems but at the time the HP engineer didn't like it but gave me no concrete reason. Is this practise OK and are imaging techniques just issues with DCs? Peter Jessop This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
