I think this is devolving in to a bit of a PC/Mac debate, but, my take is that AD has its own replication mechanism, and a mechanism for clients to discover healthy/available DCs. So, why not just stand up DCs in the DR site and let them run in the background and if/when the primary site is impacted, the DCs in the DR site are all ready to go.
Thanks, Brian Desmond w – 312.625.1438 | c – 312.731.3132 -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Michael Leone Sent: Monday, February 8, 2016 10:07 AM To: [email protected] Subject: Re: [NTSysADM] Replicating AD VMs On Fri, Feb 5, 2016 at 4:41 PM, Brian Desmond <[email protected]> wrote: > Regardless of the virtualization safeguards probably mitigating risk, > I still come back to the original question which is why subvert a > system which has its own replication mechanism (AD) with the vmWare > alternative? Perhaps there’s a detail I’m missing here but that’s where this > breaks down for me. This isn't about subverting or replacing AD replication, but about DR recovery of a DC. If a DC at a site becomes unavailable (such as for broken physical connectivity to the site), this way the same DC comes back online, at a reachable site (but with the same IP subnets). You haven't done anything with AD replication, except rely on it to find the DC when it comes back online, and sync with it. Effectively, you are using AD replication exactly as it's supposed to work - re-establish replication when the DC connectivity comes back online. What you're bypassing is a rebuild of a destroyed DC, and bypassing the need to clean up AD of the old DC, before building a new DC.
