Jump to content
RESET Forums (homeservershow.com)

Recovering a failed Essentials Server


msawyer91
 Share

Recommended Posts

I want to be proactive on this, just in case there's a problem down the road...here goes.

 

A few weeks ago, I set up a friend of mine who owns a small business with Windows Server 2012 R2 Essentials. She had an old server that died, but I was able to get it running long enough to salvage its Active Directory and get it migrated to the Essentials box. The Essentials Server has a 240GB SSD which hosts Windows.

 

I then put in 3 x 3TB WD Red drives in a RAID-5 configuration, which houses the Active Directory NTDS and SYSVOL folders, and all of the server shares. So all of the client PCs back up here, and she was able to migrate her entire monstrous Dropbox to the Server as well. And she still has over 4TB of space available. This should suit her business quite comfortably for the foreseeable future.

 

For good measure, I set her up with an external 1TB hard drive on the server which does a nightly System State backup, so Active Directory is preserved. This is using the Windows Server Backup feature that is available in any Windows Server variant, not just essentials.

 

If I try to set up the Server Backup through the Dashboard, I don't see an option that lets me back up "System State." I can do a "System Backup," which grabs EVERYTHING. Or I can select individual folders. I don't think you can back up Active Directory this way, at least not properly. Normally with a System State backup, a shadow copy is made and then the Active Directory database is backed up.

 

The point is if something were to happen to that server--mainly if the system drive failed--I would need to get my friend back up and running within a couple of hours. Obviously with a RAID-5 array, a single-disk failure in the RAID can be tolerated until the bad disk is replaced. And all of the data stored on the server is backed up to the cloud via CrashPlan. So the risk of data loss is very, very small.

 

My concern is the risk of DOWNTIME. If my friend calls me up and says the server is dead, and I find I need to replace the SSD, how quickly can I:

 

1. Install a new SSD and get Windows installed.

2. Instead of setting up a "new" installation of Essentials with a new domain, perform an Authoritative Restore to get the old Active Directory back online.

3. Restore services to everyone.

 

What would YOUR recommendation be to mitigate this single point of failure?

Link to comment
Share on other sites

That's a good thought, but will that cause the machine account to get out of sync with the domain? See http://www.mediasmartserver.net/2013/10/13/fixing-trust-relationship-issues-between-a-workstation-and-a-domain/for more information on the dreaded "the trust relationship between this workstation and the primary domain failed."

 

A thought I had was to give my friend--on an extended loan--a computer I am not using for much, and stand it up for her as another Active Directory DC. Then if the main server went down, there'd still be a functional DC to keep the network "alive" and this may actually facilitate a more rapid restore of the failed DC. Normally when trying to restore a failed DC, you have another DC up and running. In the case of having a single Essentials DC, there's no such other option. Hence my desire to create a separate DC.

Link to comment
Share on other sites

I use WIndows Server Backup, and use the system state AND bare metal options.
I've restored ... countless times (really, many more than I care to remember) and have never had an issue with it.
Worst case, restore to a point a long while ago, then perform a system state recovery from a recent backup. This should help ensure that there are no trust issues with the domain.

 

As for network... 

Set a static IP address for the Essentials server.

Set up the DHCP Server on the router to hand out the primary DNS as the Essentials server and the secondary as the router/your ISP's DNS server/google's/OpenDNS.

 

This way, if your server does go down, internet access is maintained.

  • Like 1
Link to comment
Share on other sites

Thanks Drashna, I like the suggestion. My biggest concern about the Bare Metal is that it wants to back up everything, including all the data which is already backed up to the cloud. While one can make the argument that redundancy is a good thing, I was also trying to keep my friend's costs down. To do a Bare Metal backup, I need to have a dedicated backup device that can easily accommodate the full system drive AND the data drive, which is 3 x 3TB in RAID-5, so basically a 240GB SSD + up to 6TB of data. That means I'd need to set up an external disk array to back up 6TB + 240GB, and that's assuming Windows Server Backup makes one full backup, and then backs up the deltas either via a Differential or Incremental process.

 

The business in question is a real estate firm, so they're constantly adding new documents, photos, etc. I want to give them a robust, reliable solution while at the same time not breaking their bank on tons of disks.

 

This is why I proposed a solution to them that included RAID-5 -- could tolerate a single-disk failure, but still have cloud-based backup. This would offer protection against a disaster such as a blaze or lightning strike. It seems there have been a lot of bad fires in the news lately, so I made sure cloud backup was part of the solution. I've used CrashPlan for several years and found them very reliable, and I was happy to recommend them.

 

I had an extra EX495 at home sitting unused. I stood that up as another DC in my friend's office, so if something happens to the main server, I've got a live AD to work with in addition to System State. So hopefully I've got good coverage.

Link to comment
Share on other sites

if you go thru the control panel / administrative tools / windows server backup tool you can customize the server backup to skip drives you don't want it to back up. Then, your bare metal restore will cover the important things like c: drive and system state (including your sensitive windows activation data) to recover from a serious c: drive problem and use other means for the rest of what you have, which can be done while online.

 

best of both worlds :)

Edited by nrf
  • Like 2
Link to comment
Share on other sites

Yes, the Admin console for server backup is MUCH better. You can back up everything ... but you get a lot of control over what is backed up as well.

 

As for the bare metal, only the drives with system roles are backed up (this excludes the Essentials stuff, such as client back). 

For the most part, that means just the C:\ drive. Unless you have a very non-standard setup.

 

And you can add exclusions as well. :)

 

So always better to use wbadmin.msc to set up your backups. :)

Link to comment
Share on other sites

  • 2 weeks later...
Guest oranggila

I use WIndows Server Backup, and use the system state AND bare metal options.

I've restored ... countless times (really, many more than I care to remember) and have never had an issue with it.

Worst case, restore to a point a long while ago, then perform a system state recovery from a recent backup. This should help ensure that there are no trust issues with the domain.

 

As for network... 

Set a static IP address for the Essentials server.

Set up the DHCP Server on the router to hand out the primary DNS as the Essentials server and the secondary as the router/your ISP's DNS server/google's/OpenDNS.

 

This way, if your server does go down, internet access is maintained.

Thanks for advice, it's my windows problem since 2 mount ago g.png

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...