habibalby
Hot Shot
Hot Shot

Help in Active Directory/Exchange 2007 SCC Guest VM for Disaster Recovery

Hello,

I have completed the VMware Vi3 at our Disaster Recovery

Data Center. And what I'm looking for, what options available to move

the existing Active Directory and Exchange Environment from our

Production to the DR Site.

I though of the below options, and i would like to know what is the best from the expert.

Domain Controller(s) Options:

Build an additional vDC to be part of the existing Domain architecture.

Backup the vDC with vRanegr and restore at DR Site.

P2V exisiting DC(s), which is not recommended at all.

Exchange SCC Servers Options:

The current Exchange Setup is SCC under SAN Storage. Two MBx Clustered, 1 HT and 1 CAS.

P2V the Passive Node only C: Drive without the Shared LUNs.

P2V the second Passive Node also only C: drive without the Shared LUNs.

Once the conversion is done, backup the vNode(s) with vRanger.

At DR Site, will create the same LUN(s) size and present them to the ESX Servers as RDM

Restore the Production vNode(s), map the new LUNs to the VM and boot. "Hope they boot fine"

Reconfigure the Cluster Quorum and DB LUN(s)

Restore DB Backup and check DB integrity and start the services.

Or is there another option that i can consider since i'm in the planning stage of DR Services?

Thanks or your feedback in advance.

Best Regards,

Hussain Al Sayed

If you find this information useful, please award points for "correct" or "helpful".

Message was edited by: habibalby

Best Regards, Hussain Al Sayed Consider awarding points for "correct" or "helpful".
0 Kudos
4 Replies
VMmatty
Virtuoso
Virtuoso

I would build new domain controllers in the DR site. Domain controllers are easy and fast to build and they shouldn't be P2V'ed for several reasons (listed in the following link):

http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=1006996&sl...

As for Exchange, what about building out a SCR (Standby Continuous Replication) node out in the DR site and replicate your email. You can then also build out additional HTS/CAS servers for the DR site and have a fully redundant Exchange environment. Obviously there is much to consider here, including SAN storage and WAN links to replicate all of your email data. But in the end this is the MIcrosoft approved/supported method of DR for Exchange 2007 and although it's not great I've implemented it and it works reasonably well.

Using an SCR target would get around all of the issues you describe below with P2Ving those nodes (which is also not really recommended) and reattaching LUNs in DR and hoping that the servers boot. Assuming you have enough Exchange/Windows licenses, I think SCR is worth considering.

Matt | http://www.thelowercasew.com | @mattliebowitz
0 Kudos
habibalby
Hot Shot
Hot Shot

Hello,

Thanks for your reply.

Could you just elaborate little more on "I would build a new Domain Controller at the DR Site"!!

I understood that P2Ving Domain Controller little bit scary and not recommended. Then, I would consider building an Additional Virtual Domain Controller, make it Global Catalog, Transfer the FSMO Roles and Back it up for DR. And at the DR, Restore the Virtual Domain Controller.

As far as Exchange 2007 unfortunately, at this stage there is no replication for those systems that's why I cannot build an SCR Node or "VMware SRM" and replicate the Exchange DB to it at the DR Site.

Any thoughts?

Best Regards,

Hussain Al Sayed

If you find this information useful, please award points for "correct" or "helpful".

Best Regards, Hussain Al Sayed Consider awarding points for "correct" or "helpful".
0 Kudos
VMmatty
Virtuoso
Virtuoso

Maybe the part I'm unclear about is the function of the DR site. Is it a completely cold site setup without any live servers running? Or can you have any infrastructure there and waiting in the event of a disaster. Having even a domain controller up and running would be helpful and would save time. Running P2V conversions on a domain controller does work (I've done it myself) but can cause problems and generally isn't worth it considering how easy it is to build another one.

I understand you are limited in what you can do on the DR. How are you replicating the Exchange database/log LUNs to the DR site? As long as they are replicated in a state that you can confirm is healthy (verify using eseutil) then your idea of just P2Ving the Exchange VM will probably work. Again Exchange is another one of those servers that isn't great for P2V but since it is the passive node that should be ok.

Matt | http://www.thelowercasew.com | @mattliebowitz
habibalby
Hot Shot
Hot Shot

hello,

Yes, it's a cold DR Site and it has got some servers running for our core systems and I'm introucuding the AD, Exchange and other systems and DB's that will be P2Ved from HQ to DR.

I understand you are limited in what you can do on the DR. How are you replicating the Exchange database/log LUNs to the DR site? As long as they are replicated in a state that you can confirm is healthy (verify using eseutil) then your idea of just P2Ving the Exchange VM will probably work. Again Exchange is another one of those servers that isn't great for P2V but since it is the passive node that should be ok.

Currently, there is no replication for but there will be replication in next coming year. But one thing i have in mind about the FSMO Roles and the Exchange Storage Groups.

DC FSMO Roles can be easy as i stated above by building the an Additional vDC, Tranfer the FSMO Roles to it, Backup with vRangerPro, Export to Tape and at the DR Restore from tape, and Restore to DataStore via vRanger.

Exchange Storage Group keeping me little bit worried in last couple of days. I'm planning to:

  1. Build the Same Exchange SCC at the DR Site with the same Storage Group Names, but the Size is different as currently we have 5 SG but we are using only one with 100 GB size.

  2. Build the same Storage Groups 4 SG each with 2 ~ 5 gig as RDM and 1 SG with 200 ~ 290 RDM to old the Mailbox(s) Storge Group.

  3. Backup and Restore the Exchange DB to all Storage Groups which will also help in solving the problem that going to happen in P2Ving Passive Exchange Node.

As far as network configuration and arcticture, the Primary Site Network it's already Streached to the DR site "So we don't have to worry about DNS and Re-IPing servers" Plus, the Branches will be re-directed to the DR Site via our ISP. And the line is only active if we tell the ISP to re-direct the Line from our Primary Site to the DR Site and the same goes for the Branches. So, having servers with the same name and IP Address of the Primary Site it shouldn't be a problem.

Best Regards,

Hussain Al Sayed

If you find this information useful, please award points for "correct" or "helpful".

Best Regards, Hussain Al Sayed Consider awarding points for "correct" or "helpful".
0 Kudos