Active Directory and USN Rollback

Blog, how I’ve neglected you. Not for lack of things to write about, but crazy things have been happening lately. I’ve been designing and implementing Active Directory and everything that goes along with it (GPOs, file storage, backups, redundancy...and the list goes on).

I have learned quite a bit from this so far and would love to share with you what I have learned. Lack of time restricts what I can share right now, so perhaps I’ll share a little tidbit of information I learned very quickly: Never, EVER, under any circumstances, restore a virtual domain controller from a snapshot. This most likely will result in a USN rollback event, in which all domain controllers in the domain think that they’re the most recent version of the AD database, causing replication to completely fail. It is extremely difficult (if not impossible) to recover from a USN rollback. Trust me, I tried. My solution? Completely delete and redeploy Windows 2008 servers and setup AD completely fresh. And never restore from a snapshot again.

Check out a very complete explanation of what USN rollback is and how it all works here, and Microsoft's KB on USN rollbacks here.

Comments

Post a Comment

Popular posts from this blog

Quizzes and Google Forms--It Just Keeps Getting Better

If you haven't heard the news yet, Google announced that they are adding quiz functionality to Google Forms! This is big news, and something my teachers have been wanting for a long time. It works really well, but of course some functionality is limited--such as the ability to auto-grade short answers. This is definitely a step in the right direction, and is going to be HUGE for my teachers using Google Classroom and Forms for formative assessments. Learn more from Google's official blog here .
Read more

How I Work - FREEPing

Image
Last time I posted, I talked about an app for my iPhone that I use, called Hours. This week I'd like to highlight an app that has been with me since I started supporting a network. FREEPing FREEPing is a (you guessed it) free utility provided by Tools4Ever, the company that makes a user account automation tool called UMRA. As you may have guessed, FREEPing is a utility that pings IP addresses. It's really not much more exciting than that, which is precisely why I like it so much. If you're in a larger environment with lots of resources, you probably have network monitoring all setup. For those of us with limited resources, FREEPing is a great alternative, or even a great complement to your current monitoring system. It's really easy to setup: Add IPs you want to monitor Give them nice readable names Profit Every time you launch the program after adding the IPs you want to ping, it will automatically start pinging each IP in order. It's a great way to check on
Read more

How I Work - Dropbox

Image
Last time I posted, I talked a bit about how I use an iOS app called Mailbox. Today, I'm going to discuss a few ways I use Dropbox. Dropbox Dropbox is so universally used that I hesitated writing a post for it. However, it is so ingrained into what I do at work that I would be remiss if I didn't include it. Dropbox is a very popular file syncing app that, once installed, creates a folder that it then syncs to the web and any other computer you have Dropbox installed and linked to your account. It also does file backups, after a fashion, keeping files a few revisions back. One of the best things I like about Dropbox is it frees me from the worry of having all my data on one computer--as a tech, I am well aware of the ramifications of a hard drive failing, and this helps me sleep at night, knowing all my data is safe and sound in the cloud and synced to all my devices. From a security standpoint, there has been a few issues with Dropbox accounts being hacked in the past, so defin
Read more