Forum Discussion

aliat_IMANAMI's avatar
aliat_IMANAMI
Brass Contributor
Aug 18, 2021

Set Up for Active Directory Backup

  I came across the following question regarding Backup Setup for Active Directory.   “Creating a forest in every location and every forest has 2 DCs and has a 1way trust to Global AD which is in ...
Active Directory
storage
Windows Server
AusSupport180's avatar
AusSupport180
Brass Contributor
Jul 12, 2022

aliat_IMANAMI  we have 40 plus DC’s in few countries. We have 5 Datacenter’s and each have 4 DC’s and others are in some site’s locations.

 

Do we need to backup 1 from each location?   

LainRobertson's avatar
LainRobertson
Silver Contributor
Jul 12, 2022

AusSupport180 

 

The short, and almost guaranteed answer is: no.

 

It's not about geographical location but about whether you have different forests and/or domains.

 

A really loose guideline is that you want to back up (using Windows Server backup is sufficient for this) each forest and domain, but you only need to do this from one domain controller per forest or domain, not all of them.

 

So, if you have five forests, and within each forest you have just a single domain (meaning the forest and domain are essentially the same), then you only need to perform a backup using a single domain controller from each of the five forests (so, five in total.)

 

Common sense might suggest using a key FSMO role holder like the PDC emulator or avoiding using a remote branch office domain controller as the host to use for taking the backups, but the key message here is that you do not need to take backups from multiple domain controllers within the same domain.

 

For example, if you had a forest in Australia, and that forest had just a single domain, and within that domain there were five domain controllers, you would configure a backup on just one of those five domain controllers, not all of them - even if they're spread out from Sydney to Perth.

 

Cheers,

Lain

Resources