You're not missing something basic; that's part of the design you have. You'll need a root domain controller and a domain controller for the north american domain (assuming your Exchange server is part of that forest and not a separate forest implementation.) Exchange relies heavily on AD and AD will need the root domain and the domain that your Exchange servers are in. From there, it's just a restore of the individual server. Unfortunately, you'll have to do the same thing each time which may break the security model that was intended. You'll have to check.
While you *could* put up a new forest etc, I don't advise it because it doesn't contain the same software, settings, schema mods, etc. It also doesn't give you a true representation of the actual process and so you won't be able to pull all of the resources together as you would in the case of a real melt-down.
This test, IMHO should be a regular part of your testing as you'll rarely want to put the full server back in a production setting anyway. It's the data and the service you want, vs. the restored server.
You may also want to check with the folks that architected your solution and see what their plan was in the first place. This should have come up many times during the planning phase.
Al
Al
On 2/21/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]
> wrote:
Hello all.I'm a longtime lurker, and very infrequent poster. I take the advice of this group to heart and apply it regularly every day. This might be slightly off topic post, but I'm curious how you perform disaster recovery testing on your Exchange environment.We are a medium-sized part of a very large company. Our local site hosts a 2003 Domain Controller for the North American domain and the Exchange 2003 server for our local users. My coworker and I are Domain Admins for North America, but not for the root domain, and not for the forest. We are also Exchange admins for our server, but not the entire Exchange organization. We are attempting to test our Disaster Recovery Plan for our Exchange server. One of our success criteria is to not interfere with Production email or users. To this end, w e created a separate network that has no connection to our Production network and moved a Production DC for the NA domain onto this network. Although we have been able to get DNS resolution to work from this DC, AD authentication is not working and we cannot join any of our Test network servers to the domain hosted by it. So far the recovery is going no where.Back in the good ole days, we could have restored Exchange 5.5 independent of our domain, whether it was NT 4.0 or Active Directory. Also, if this was a true disaster, the recovery would be simpler since we would have access to the Production network. Because of our success criteria of not interfering with Production, we are in this limbo where we have to have some Production data (represented in the DC and GC) to restore Exchange, but we don't have access to the entire forest or Exchange org since the Test has to be on a separate network.I curious if any of you have encountered this issue before and how you got around it. Building a separate Test forest on a separate Test network that mimics Production is not out of the question, but it would require much more support and cooperation from the corporate levels above us to complete. This is something that would probably take months to setup in our company. Are we missing something basic?Thanks in advance for all of your help.jasonjordan MCSE, MCP+I, MCPManagerSecurity, Audit, and Recovery TeamData Center ServicesEmerson Process Management, LLLP
