Your environment contains one Active Directory Domain Services (AD DS) domain. All domain controllers have
Windows Server 2012 R2 installed. All domain controllers are virtualized domain controllers.
You design a disaster recovery strategy. You have the following requirements:
The domain controllers can be recovered in the event that a Hyper-V host server fails.
The AD DS domain must be restorable to a consistentstate.
You must minimize the data loss.
You need to ensure that the domain controllers can be recovered in the event of a failure.
What should you do?
A.
Clone the domain controller that holds the PDC Emulator role to a different Hyper-V host server.
Schedule a Windows PowerShell job to run the Checkpoint-VM cmdlet on each virtual domain controller.
B.
Run Windows Azure Hyper-V Recovery Manager.
C.
On each guest operating system, run Windows Server Backup.
D.
on the host operating system, run Windows Server Backup.
E.
Schedule a Windows PowerShell job to back up eachdomain controller’s virtual hard disk (VHD) file.
As per MS, running checkpoints on the DC is not recommended. Is A the correct answer then? I don’t think so.
checkpoints aren’t backups and certainly not recommended for DC’s
in this case for disaster recovery you need to rely on traditional back-ups of the system state
answer: C
Why not “Run Windows Azure Hyper-V Recovery Manager.”
“The domain controllers can be recovered in the event that a Hyper-V host server fails.” But we don’t know how many hosts we have. It may be only one and if it fails.. we better have a backup somewhere in the cloud
That requires that Hyper-V Replica is installed and setup on VMs. No mention in scenario.
The A answer suprised me, but DC cloning is :
1- A new supported feature
2- A effective way to expdite forest recovery.
ref1: http://technet.microsoft.com/en-us/library/dd883272(v=ws.10).aspx
ref2: http://blogs.technet.com/b/askpfeplat/archive/2012/10/01/virtual-domain-controller-cloning-in-windows-server-2012.aspx
I think A is the best answer.
Answer is A
Cloning a DC: http://blogs.technet.com/b/canitpro/archive/2013/06/12/step-by-step-domain-controller-cloning.aspx
Checkpoint-VM cmdlet: http://technet.microsoft.com/en-us/library/hh848539.aspx
Restoring a virtual machine domain controller from any kind of snapshot can cause a USN roll back that breaks Active Directory. This is resolved with Windows Server 2012 domain controllers that are running on GenerationID-aware virtualization such as Windows Server 2012 Hyper-V and vSphere 5.1 (or later).
Cloning is now support:
https://blogs.technet.com/b/askpfeplat/archive/2012/10/01/virtual-domain-controller-cloning-in-windows-server-2012.aspx
Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Virtualization
http://technet.microsoft.com/en-us/library/virtual_active_directory_domain_controller_virtualization_hyperv%28v=WS.10%29.aspx
There is one supported way to perform backup and restore of a virtualized domain controller:
Run Windows Server Backup in the guest operating system.
Answer is A
To me answer A seems like you’re creating a scenario with two DCs running the PDC Emulator role at the same time on two different Hyper-v Hosts.
Also for the second part of the answer, if the Hyper-V host server failes (as is the given scenario in the question), all the checkpoints are lost as well, making running the checkpoint-vm command worthless in the context of the question.
I would say D is the only viable answer. You can backup the entire virtual machine to a network location off of the hyper-v host server, which can be restored on another Hyper-v host server.
http://technet.microsoft.com/en-us/library/bb740891.aspx
The correct answer is A. Since all DCs are virtualized, it is possible to clone the PDC emulator. Since Windows Server 2012, AD DS employs safeguards on virtual DCs hosted on VM-GenerationID aware hypervisors and ensures that the accidental application of snapshots that could “rollback” a VM’s state for example does not disrupt the AD DS environment.
Sources:
http://technet.microsoft.com/en-us/library/jj574118.aspx
http://technet.microsoft.com/en-us/library/jj574223.aspx http://technet.microsoft.com/en-us/library/hh831734.aspx
You still can’t run 2 PDC emulators in 1 domain.
The biggest thing why i am in doubt is still the part in answer A “to a different Hyper-V host server”.
But i probably still go for A.
Hey! I know this is kinda off topic but I was wondering which blog platform are you using
for this site? I’m getting fed up of WordPress because I’ve had issues with
hackers and I’m looking at alternatives for another platform.
I would be fantastic if you could point me in the direction of a good platform.
The answer is C:
As said earlier Cloning and checkpoint is supported in server 2012 R2. But also the checkpoint will be stored in the location where the parent VHD file is. The question didn’t mentioned anything about the VHD location so if the file is stored in host itself, the checkpoint will also be in the same location ( that is host ). In the event of a hardware failure You cant do anything with that checkpoint.
It is not recommended to copy a DC vhd also
So taking a guest level backup is a good choise. So the answer is c only
Making snapshots of AD DC is not recommended. I would say E is the correct answer. You can schedule a powershell job – “Export-VM”, which will export the virtual machine configuration, and a copy of the VHD/VHDX files.
http://www.altaro.com/hyper-v/10-awesome-hyper-v-cmdlets/
Hymm, maybe not.. Copying of vhd would also work, but –
“There is one supported way to perform backup and restore of a virtualized domain controller:
Run Windows Server Backup in the guest operating system.”
“By using a copy of the virtual hard disk (VHD) file, you bypass the critical step of updating the database version of a domain controller after it has been restored. Replication will proceed with inappropriate tracking numbers, resulting in an inconsistent database among domain controller replicas.”
C is seams to be a correct answer.
C seems to be correct answer.
Any links that support answer A or C ? I’m not sure yet ..
AD has more roles then only PDC emulator.
If RID-master resides on an other AD-server you want to be able to restore this one as well.
The domain needs to be in 2012-r2 mode to be able to use checkpoints.
Maybe the domain is here in windows 2008 mode?
Based on that the answer has to be C.
In my opinion the answer is B because we are talking of dysaster recovery, read this
http://searchservervirtualization.techtarget.com/definition/Windows-Azure-Hyper-V-Recovery-Manager
Rectification, the answer is correct. For recovered a Domain controlled is required that is on line the pdc emulator.
https://technet.microsoft.com/en-us/library/jj574223.aspx
Passed the 74-409 exam yesterday! Scored 8XX.
48 questions in total and got about 2-3 new questions. Lost score on SCOM, which I didn’t pay much time on.
74-409 exam itself was not difficult, if you have the experience in Microsoft System Center and Hyper-V, which will help you pass the exam easily!
And, I used passleader 74-409 vce dumps for preparing for the exam, all are as real as the actual test. (here you can get both VCE and PDF dumps: https://tr.im/Mt0ll)
Good luck to everybody!
IPROCOMP is the only one making sense.
answer D
many of you are talking about cloning or VM-GenerationID but are missing the point.
Checkpoints are not for backup, running VM’s with checkpoints is not recommended.
DC Cloning is for cloning, not for backup.
VM-GenerationID makes it possible to restore a Virtual DC as in a non-authoritative restore of a backup. So just make a backup of the VM and restore it when needed (this can be done to the same Hyper-V host or another)
Usually posts some extremely interesting stuff like this. If you are new to this site.
Great site you have got here.. It’s hard to find good quality writing like yours nowadays. I really appreciate people like you! Take care!!|