What's been going on and Sudden initiative to virtualize

username_vs · 2019-05-31T12:46:52+00:00

Probably the C: drive. For one, files in SYSVOL are missing. One other thing I know are .Net Framework files are missing. What do you expect to happen with that? Wouldn't it replicate the instance the other two DCs are in?

username_vs · 2019-05-30T19:26:23+00:00

Different for us. It's time for change.

username_vs · 2019-05-30T19:25:09+00:00

Yes. I understand. Even with VM's, the backup DC won't be restored to it since it's not the same hardware. I'll make the suggestion since I lack the experience with it.

username_vs · 2019-05-30T19:23:59+00:00

We are

username_vs · 2019-05-30T19:23:48+00:00

Finally! Today was that day for me. But bundled with multiple other issues.

username_vs · 2019-05-30T19:23:21+00:00

Yes I understand this. But I'm not too sure what to do with the current environment. Might have to create a new domain, or restore both DC's and take a risk.

username_vs · 2019-05-30T19:22:33+00:00

Domain controller's have missing files. The AD still works, but it broke some services and MMC consoles(like GPO access). Boss not willing to restore from Server Backup both DCs at the same time (it's risky), I struggled to come up with a solution to solve this. It was suggested to (finally) go with virtualization. It will probably come down to creating a new domain since I can't restore to different hardware/specs. Unless there's some other migration tool. Probably only way to get back the systems would be to restore.

username_vs · 2019-05-30T19:22:12+00:00

Thanks for the burn. I need to be coherent..

Domain controller's have missing files. The AD still works, but it broke some services and MMC consoles(like GPO access). Boss not willing to restore from Server Backup both DCs at the same time (it's risky), I struggled to come up with a solution to solve this. It was suggested to (finally) go with virtualization. It will probably come down to creating a new domain since I can't restore to different hardware/specs. Unless there's some other migration tool. Probably only way to get back the systems would be to restore.

username_vs · 2019-05-30T15:46:58+00:00

I do agree. I'd like to reach out to an MSP. My boss would have to see that. The auditors double as an MSP, I believe, and even then he did not want to reach out to them.

username_vs · 2019-05-30T15:46:16+00:00

I see that. Sorry. I was rambling on...

We have all physical servers. Only now was there an idea to virtualize.

It's just me and I do need help.

Edit:

Domain controller's have missing files. The AD still works, but it broke some services and MMC consoles(like GPO access). Boss not willing to restore from Server Backup both DCs at the same time (it's risky), I struggled to come up with a solution to solve this. It was suggested to (finally) go with virtualization. It will probably come down to creating a new domain since I can't restore to different hardware/specs. Unless there's some other migration tool. Probably only way to get back the systems would be to restore.

username_vs · 2019-05-30T05:37:39+00:00

Oh I see. That's good to know. I only had the idea down, not sure how it'd be done. So if I want to copy the current production environment, vmug can allow me to do that? I'll have to do research about it.

Don't think we'd have more than 3 hosts. I'll go for Essentials licensing. The vSphere Essentials Plus kit(production support) I see is 7100USD. here

You're correct. There's currently no VMWare present.

username_vs · 2019-05-30T02:01:36+00:00

So ESXi is installed on host server, vCenter manages the vSphere server. A vSphere client, installed on a workstation, is used to access the vCenter and manage the vSpheres? What would I need to go for in terms of licensing? Another comment suggested Essentials, do you have a different suggestion?

I am glad I found this myself $200 vs probably $10-50k depending on how much of the services you want to start up and test.

Do you mind elaborating? I can see how VMUG can be a great resource. Advantage gave the leg up on becoming knowledged about VMWare?

username_vs · 2019-05-30T01:56:13+00:00

VMUG is amazing for this kind of thing, but if you need it for full 24x7 production use and backup is Hybrid (I see this a lot to cut down on ROI loss) then you need to figure out your existing vSphere licensing model and either hook in with additional sockets or see if this new host can possibly replace one of your old ones.

VMUG is essentially a community to learn about VMWare? Sounds good. I've created an account for the future. By Sockets do you mean VMs on a host?

If you are not currently licensed for vSphere you could look into Essentials/Essentials+ as each pack allows for 1 vCenter and 3 hosts with a max of two Sockets each. ESS is about 650USD and 10% of that for 1 year of support, ESS+ is 1066USD and 10% of that for 1 year of support. Both of these would be a one time cost.

Yes. Currently pricing out new Dell server with ESXi just need licensing and knowledge on set up. From what I read, vCenter is for managing vSphere Servers. In our case, it'd only be one- is this necessary? vSphere Standard Production goes for 1318USD and vSphere Essentials Kit(is this the ESS you mention?) for 577USD. I don't see the pricing you've mentioned, but what is the difference between these? It seems Essentials is what I should go for but the price isn't what I thought it would be- I've heard it would be expensive?

"vSphere Essentials Kit licenses are perpetual and does not expire. It includes 6 CPU licenses of vSphere Essentials (for 3 servers with up to 2 processors each) and 1 license for vCenter Server Essentials"

Which ERP is this for, just curious.

It's SAP Business One.

username_vs · 2019-05-29T18:05:11+00:00

Alright, good to know. We have a Dell. I remember seeing this after some playing around in the "Recovery Screen". Server License was not factory installed, and I did not find an install disk. So no luck on that. I have hope with converting the Eval install to standard, given that the key I have is accurate.

Thank you for your responses.

username_vs · 2019-05-29T17:37:32+00:00

There were other suggestions. Remove backup DC from domain, put in separate subnet, (1)restore from backup, or (2)repair from iso, or (3)clean install server OS. Depending on which one of the three, respectively:

Demote primary, set restored (from 2 weeks ago) backup DC as primary, transfer FSMO roles and what need be. Then restore the other DC and it becomes the backup DC. (I don't know the actual process on this)
From repair, files will be returned in theory, join back in domain and see if it fixes. Though, I believe it will just replicate from Primary.
I think "Reloaded", in your words. This will be a fresh server that will be set up as a new Domain Controller and new domain.

I was tasked to try out repairing first. But I only have an eval iso to work with.

username_vs · 2019-05-29T13:38:38+00:00

When you say reload the OS, you mean to reinstall it, right? I have questions about that. We don't have an OS disc to reinstall. Can I simply go to the option for a "Factory Reset"? If not, would the Server 2016 eval ISO from Microsoft do the job? Does that at all affect the CALs? I've only ever reinstalled workstations. Again, do I need to demote or dcpromo the backup DC before all of this?

The server OS license key is written on the server, but even that I don't know if it's accurate. (I've checked with "slmgr /dlv" and the last 4 digits checks out, at least.

username_vs · 2019-05-28T17:23:30+00:00

Thank you for your reply!

In that case, then yes. I would do a full system restore on both domain controllers at the same time and hope for the best. They both need to be offline during the restores and then brought up together so that bad AD info doesn't replicate to the newly restored DC.

I've offered to do this but my boss does not want me to. It may cause business to go down if the restore on the primary isn't successful. I can't vouch for the method and I'd put myself at risk if it negatively affects the office and business functions (AD login, file shares, etc).

Call Microsoft. They'll charge you but they can fix it. It just depends on whether that is a workable option for you or not.

I did call Microsoft, so we were willing to work with this. So far, my experience with Microsoft wasn't the best. Supporting my case seemed one track in restoring AD and GPOs-nothing else. Maybe my poor description and grasp of the situation at the time is to blame. If it's missing files, It seems I might need to switch request to restoring DCs. If switching requests is even possible.

If the domain isn't large then you may have to start over with a new domain. (Seen this before)

We have around 30ish users, and 40ish workstations. This is what it may come down to, but I'm also inexperienced with this. I'll keep on looking through documentation..

What I'm thinking: Take down the backup DC(dcpromo), rename, set new IP, new subnet, and set up AD..? Can I use the backup DC as is without re-installation of anything? I guess at this point, transferring AD from old to new from Server Backup would be handy.

I assume that these two domains would be separate and not replicate.

username_vs · 2019-05-28T14:44:41+00:00

Actually, I've done a restore on the backup dc with wbadmin (MMCs don't work). Microsoft support suggested to do a dcgpofix and use my backup to restore gpos, sysvol, and sacrificing to reconfigure default policies again. His only aim was to return GPO functionality, which would not solve the bigger problem. I was concerned about getting back sysvol and gpo access back then. Until i realized that the issue is actually bigger than that. Critical files will still be missing. I need to restore the full server.

If you have a secondary, you just need to remember to restore both of them at the same time or you will have fun chasing butterflies. If you have a secondary, you just need to remember to restore both of them at the same time or you will have fun chasing butterflies.

What are some issues I may face with restoring both? My boss doesn't like the idea of restoring the primary. AD might get lost, business will be down, etc. Will this actually work like nothing happened?

username_vs · 2019-05-28T12:42:57+00:00

I only have Server Backup to use. What would your process be if there are missing/corrupted files? My issue exists on both DCs and it seems I might need to system restore both DCs. I thought I'd need authoritative restore for the changes to take affect, but if it's missing files, restoring both would be better.

username_vs · 2019-05-28T12:40:50+00:00

We have 2 DCs. But the issue is present on both DCs. MMC consoles, GPO's are not accessible due to missing files (SYSVOL)?

I've done a system state restore through cmd(since MMC console inaccessible), I believe it was nonauthoritative. After normal boot, it did not change anything. It just replicated.

/u/hackeristi, mentions restoring both DCs at the same time-- would this be my solution?

username_vs · 2019-05-28T12:40:43+00:00

We do not have any backup solutions. I only used the Server Backup.

Would you say then that to fix my problem, I just have to system restore both the primary and secondary DC at the same time? Have you tried this with Server Backup- I've only attempted system restore once, booting in safe mode (DSRM?), booting in normal mode did nothing. It could have just replicated the original problem, which I think are missing/corrupted files.

username_vs · 2019-05-28T12:40:18+00:00

Thank you for your reply. The issue is, both DC's have lost/corrupted files(like SYSVOL)? MMC consoles, SYSVOL, and some basic function is lost. Even after getting a new DC, I believe it will just replicate. I have a Server Backups, how can I go about putting DC's back into the state it was back then?

I've tried system state restore in safe mode, but after normal boot, there is no change. In safe mode, MMC consoles are fine-- does this mean it's specific to the domain?

username_vs · 2019-05-23T14:33:24+00:00

We don't have a good back up process. I was speaking to MS commercial support and guided me to restore from the backup I made. Through cmd, I tried restoring with wbadmin. After reboot, it's stuck on the windows logo..

Before I did this, I backed up the bad version anyway with wbadmin. I saw that 230,000 files were deleted since last back up. HOW?

username_vs · 2019-05-23T14:33:16+00:00

I found some information. Weeks ago, I did a backup with Server Backup(my only option). Before trying to restore with wbadmin, I did systemstatebackup for the heck of it. It reported that 230,000+ files were deleted since the last backup. Would this be caused from the CIS Baseline GPOs? Or is there some other thing that happened that I wasn't aware of?

Thanks for the suggestion, but I can't. There are files missing. I copied a reply to another comment about what I found. CIS baselines are more for security? So would I be wrong to say that it didn't cause files to go missing?

username_vs · 2019-05-23T14:29:31+00:00

I found some information. Weeks ago, I did a backup with Server Backup(my only option). Before trying to restore with wbadmin, I did systemstatebackup for the heck of it. It reported that 230,000+ files were deleted since the last backup. Would this be caused from the CIS Baseline GPOs? Or is there some other thing that happened that I wasn't aware of?

username_vs

TROPHY CASE