FSMO Roles within a Domain

Guest

Hello,

In a Windows 2000 Server environment, I am planning a disaster recovery site.
The disaster recovery site is in another office and its main purpose is to
provide users with an alternate office to work in the event that our main
office network is offline...

As this alternate site is going to be configured to replicate with our main
office (Exchange servers, Citrix, SQL, etc.), what happens in the event that
our Primary Domain Controller (in our main office) goes offline?

As the disaster recovery site will have secondary domain controllers which
will be replication partners, but what will happen to the 5 FSMO roles? Can
you promote a server to a certain role?


Kind regards,
 
Herb Martin

Richard said:
Hello,

In a Windows 2000 Server environment, I am planning a disaster recovery site.
The disaster recovery site is in another office and its main purpose is to
provide users with an alternate office to work in the event that our main
office network is offline...

As this alternate site is going to be configured to replicate with our main
office (Exchange servers, Citrix, SQL, etc.), what happens in the event that
our Primary Domain Controller (in our main office) goes offline?

As the disaster recovery site will have secondary domain controllers which
will be replication partners, but what will happen to the 5 FSMO roles? Can
you promote a server to a certain role?

Yes, but it is called "transferring" (which should always
be preferred) if the old role holder is online, and "seize"
(try to avoid) if the old role holder is OFFLINE.

(Rather than "promote".)

You must NEVER "seize" a role unless the 'old role holder'
will NEVER be brought back online.

So during a disaster plan execution, you will seize roles only
if you must (e.g., don't expect a fairly rapid repair of the problems).

Once you seize the role(s) you are committing to DCPromo the
old holder (to non-DC), after which you may DCPromo it again
to DC.

Do NOT have any Enterprise Certificate Servers holding such
roles since they cannot afford to be DCPromo 'cycled'.

Only the PDC Emulator (there is no true PDC in AD domains)
is likely to become a problem rapidly.

Then the RID master (but only if you must add a large number
of users.)

Missing the PDC emulator will cause "cross subnet browsing"
and "cross domain browsing" to stop working during the
next hour.

Time will eventually drift and Kerberos authentication may
suffer -- but that is not likely to happen rapidly.

Replication to BDCs will stop but you probably don't have
any of those unless you are still in mixed mode.

A few minor problems may occur but you won't likely
notice.
 
Guest

The PDC-Emulator role, which will be on the first DC created in a domain (by
default) can be 'seized' to another site in the event that the other site is
offline.

In effect, this goes the same for the other 4 roles (the other two domain
roles - Infrastructure and RID) as well as the forest level (Schema and Domain
Naming).

Each of these roles can be seized to your 'hot site' for recovery and
resumption of business purposes without great trouble.

However, it's most important that you ensure that you can never have two of
the same roles operating at the same time. In your disaster scenario, we'll
assume that the link is going to be down for a long time and you will have
time to shut the other servers that did hold these roles down.

In fact, you should demote the other machines to member status, and for
safety - flatten and rebuild the Infrastructure and RID master.
 
Herb Martin

Rick Kingslan said:
The PDC-Emulator role, which will be on the first DC created in a domain (by
default) can be 'seized' to another site in the event that the other site is
offline.

Seizing is however a SERIOUS step and should be
discouraged unless the former role holder is lost
forever, or you are willing to DCPromo it to
non-DC (and optionally back to DC) when recovered.

However, it's most important that you ensure that you can never have two of
the same roles operating at the same time. In your disaster scenario, we'll
assume that the link is going to be down for a long time and you will have
time to shut the other servers that did hold these roles down.

And probably accept that the "new" role holder must
continue the job rather than the former, but that at least
one of them must be DCPromo 'cycled' before the role(s)
can be properly transferred.

In fact, you should demote the other machines to member status, and for
safety - flatten and rebuild the Infrastructure and RID master.

Yes.
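
As an added example that is not part of the original thread: a Windows 2000 batch wrapper around ntdsutil that transfers a role when the old holder still answers and demands explicit confirmation before seizing. The DC names dr-dc01 and main-dc01 are hypothetical placeholders, and the ping test is only a rough approximation of "online".

```bat
@echo off
rem Added example, not from the thread: move ONE FSMO role to a DR-site DC.
rem Transfer when the old holder answers; seize only after explicit confirmation.
rem Assumptions: both DC names are hypothetical placeholders, and reachability
rem is judged by ping alone, which only approximates "the old holder is online".
setlocal
set NEW_HOLDER=dr-dc01
set OLD_HOLDER=main-dc01

rem %1 is the role as ntdsutil names it on Windows 2000 (quote it if it has spaces):
rem   PDC, "RID master", "infrastructure master",
rem   "schema master", "domain naming master"
set ROLE=%~1
if "%ROLE%"=="" goto usage

rem ping's exit code is unreliable, so look for an actual echo reply instead.
ping -n 2 %OLD_HOLDER% | find "TTL=" >nul
if errorlevel 1 goto seize

:transfer
echo %OLD_HOLDER% answers: transferring %ROLE% to %NEW_HOLDER%.
ntdsutil roles connections "connect to server %NEW_HOLDER%" quit "transfer %ROLE%" quit quit
goto :eof

:seize
echo %OLD_HOLDER% does not answer.
echo After a seize, %OLD_HOLDER% must not come back as a DC until it has been
echo demoted with DCPromo. Do not continue if a quick repair is expected.
set CONFIRM=
set /p CONFIRM=Type the old holder's name to seize, anything else aborts: 
if /i not "%CONFIRM%"=="%OLD_HOLDER%" goto abort
ntdsutil roles connections "connect to server %NEW_HOLDER%" quit "seize %ROLE%" quit quit
goto :eof

:abort
echo Aborted, no role was changed.
exit /b 1

:usage
echo usage: %~nx0 "role name"
exit /b 1
```

ntdsutil still shows its own confirmation dialog before it changes a role, so the operator confirms twice on the seize path.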
 
