I am not into restoring from backup unless absolutely required. I like how
easy it is to rebuild and repromote. As I mentioned in the other post, I
consider DCs to be expendable like individual drives in a RAID Set.

Now if I was crazy enough to run a bunch of other services on a DC that were
specific to a given DC then I might be a little more likely to look at
restores but in the meanwhile I would have kicked my own butt for putting
myself in that position in the first place. You don't put extra services on
DCs for several reasons, not having to restore them is just a side effect.
Primarily you do it to reduce vectors against your security and stability.
In the SBS world I would be completely out of sorts with myself over their
working conditions. :) Hopefully all of the enterprise customers won't go
out of business though. ;)


--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm 
 

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Paul Williams
Sent: Thursday, August 17, 2006 12:58 PM
To: [email protected]
Subject: Re: [ActiveDir] FMSO roles split, patch question.

Valid point.  But you should [try and] restore from the backup that ran the 
night before and that you verified successfully completed before you applied

the patch...   ;-)

If you have a document process that goes through the proper change control, 
then there shouldn't be any reason to do this.  The patches should be tested

in dev and pre-prod and then applied, only if there's a rollback option, and

that should be something like "uninstall patch; restore from last night's 
successful back if unable to boot and uninstall".


--Paul

----- Original Message ----- 
From: "Almeida Pinto, Jorge de" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Thursday, August 17, 2006 4:02 PM
Subject: RE: [ActiveDir] FMSO roles split, patch question.


the reason is that is a DC dies during the patching you do not have to seize

the roles....IMHO, I prefer transfering over seizing

Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services

LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
(   Tel     : +31-(0)40-29.57.777
(   Mobile : +31-(0)6-26.26.62.80
*   E-mail : <see sender address>

________________________________

From: [EMAIL PROTECTED] on behalf of John Strongosky
Sent: Thu 2006-08-17 16:55
To: [email protected]
Subject: RE: [ActiveDir] FMSO roles split, patch question.


I cornfused is this a standard practice as I thought you did not want to 
move the FMSO roles back and forth.

john

________________________________

From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, 
Jorge de
Sent: Thursday, August 17, 2006 4:33 AM
To: [email protected]
Subject: RE: [ActiveDir] FMSO roles split, patch question.


in addition to that....
DC1 having FSMOset1 and DC2 having FSMOset2
transfer FSMOset1 from DC1 to DC2
apply patches to DC1 and reboot and check everything (event logs DCdiag, 
etc)
if everything OK!
transfer FSMOset1 and FSMOset2 from DC2 to DC1
apply patches to DC2 and reboot and check everything (event logs DCdiag, 
etc)
if everything OK!
transfer FSMOset2 from DC1 to DC2
voila (that's french)...done! ;-)

jorge



________________________________

From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Deji Akomolafe
Sent: Wednesday, August 09, 2006 01:52
To: [email protected]
Subject: RE: [ActiveDir] FMSO roles split, patch question.


It doesn't matter.



Sincerely,
   _____
  (, /  |  /)               /)     /)
    /---| (/_  ______   ___// _   //  _
) /    |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/                             /)
                               (/
Microsoft MVP - Directory Services
www.akomolafe.com - we know IT
-5.75, -3.23
Do you now realize that Today is the Tomorrow you were worried about 
Yesterday? -anon

________________________________

From: John Strongosky
Sent: Tue 8/8/2006 4:49 PM
To: [email protected]
Subject: [ActiveDir] FMSO roles split, patch question.


We have our FMSO roles split between 2 dc's. They are Schema Master/Domain 
Tree Operator on 1 and on 2,  the roles PDC Emulator/Rid Pool/Intrastate on 
the other. After I apply the patches from Microsoft what is the beat 
practices for the boot order...or does it matter?

1. Remote DC/GC's first
2. no. 1
3. then no 2.


thanks






This e-mail and any attachment is for authorised use by the intended 
recipient(s) only. It may contain proprietary material, confidential 
information and/or be subject to legal privilege. It should not be copied, 
disclosed to, retained or used by, any other party. If you are not an 
intended recipient then please promptly delete this e-mail and any 
attachment and all copies and inform the sender. Thank you.


List info   : http://www.activedir.org/List.aspx
List FAQ    : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ    : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Reply via email to