Announcement

Collapse
No announcement yet.

AD Sites and Services

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AD Sites and Services

    Hi all! I've had a WONDERFUL 7 days! Our entire network crashed and the backup that was being handled by another company failed. We are currently having to piece together a fault AD structure and DC's spread out over 42 locations totaling about 20 machines.

    The issue I'm running into now is fairly simple and I just need some advice.

    We currently have AD up and running and all of our remote DC's are off and VPN links are down to the remote sites. We have scrubbed ADSS of metadata and all former DC's are out. Our plan is to go in to each site remotely, turn on the VPN and promote the DC.

    In double checking our work, I've come across a few of my ADSS sites having Licensing Site Settings.

    Is it okay to remove this or should I leave it in place?
    I'd rather check my Facebook than face my checkbook...

    Thanks,
    Todd

  • #2
    Re: AD Sites and Services

    I would say yes, you can remove it as it appears to be legacy
    See this blog and follow some of the links:
    http://social.technet.microsoft.com/...tory-sites-and

    I trust you are also having a major review of your DR strategy?
    What on earth happened to take down the entire network?
    Last edited by Ossian; 25th July 2013, 08:40.
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: AD Sites and Services

      Originally posted by Ossian View Post
      I would say yes, you can remove it as it appears to be legacy
      See this blog and follow some of the links:
      http://social.technet.microsoft.com/...tory-sites-and

      I trust you are also having a major review of your DR strategy?
      What on earth happened to take down the entire network?

      It is a very, VERY long story and I will explain this weekend.

      Short version:
      my company and another company had storagecraft backups that were complete and working.
      Another IT company was "brought in" to take over. They brought in a BDR device that was supposed to be able to spin up our VM's in less than an hour so that we could operate in the event of a crash. That didn't happen.
      I'd rather check my Facebook than face my checkbook...

      Thanks,
      Todd

      Comment


      • #4
        Re: AD Sites and Services

        Am I missing something here.

        You did have DC's on these other sites?

        Why not just spool up a new VM at your main site and promote that then let replication take care of the rest.

        That way all of your existing infrastructure is intact.

        Sorry if I've missed it but it seems in your post that you've done heaps of work, i'm reading rebuilt domain from scratch, for nothing IMO.

        Aplogies if I've read it wrong, its late here and I've had a beer or two

        Comment


        • #5
          So I'm back with this problem again... almost 3 years later!

          This is what I have now... I have about 6 of my sites in S&S that I need to get rid of. The DC's are warehoused with the intent of never turning them on again as those locations are closed. If the servers are turned on, they will be turned on to be wiped/reloaded and distributed to another new location when and if the industry picks up.

          That being said, my mind is telling me "Go ahead and delete the sites from S&S, Hot Shot, nothing will happen, you'll be fine. You just read the progress from this thread!" While my gut is telling me, "Man, you better double check and make sure that deleting 6 sites isn't going to foul everything up."

          I'm 99% sure that I can go in and just remove the sites that are no longer active but I need some sort of verification prior to doing so. I figured this was the place to get said verification as you guys have never failed me in the past!

          So, do I trust my mind or do I trust my gut?
          I'd rather check my Facebook than face my checkbook...

          Thanks,
          Todd

          Comment


          • #6
            You can
            Also do a metadata cleanup to remove all the retiredDCs (in fact, do that before deleting the sites)

            EDIT - check for any site level GPOs too
            Last edited by Ossian; 28th May 2016, 08:02.
            Tom Jones
            MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
            PhD, MSc, FIAP, MIITT
            IT Trainer / Consultant
            Ossian Ltd
            Scotland

            ** Remember to give credit where credit is due and leave reputation points where appropriate **

            Comment


            • #7
              Two topologies are found in a successful network, Physical Topology and Logical Topology. Physical Topology represents the structure of the network which includes network topologies, hardware placements, IP address allocations. Logical Topology represents the security boundaries of said network, network services etc. In an Active Directory infrastructure setup, the Domain represents the logical topology while Sites and Subnets represent the physical topology.

              Comment


              • #8
                Please do not copy/paste without acknowledging your sources. Also do not post unless it is meaningful and relevant to the original post, which your "contribution" is not
                Tom Jones
                MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                PhD, MSc, FIAP, MIITT
                IT Trainer / Consultant
                Ossian Ltd
                Scotland

                ** Remember to give credit where credit is due and leave reputation points where appropriate **

                Comment


                • #9
                  Originally posted by Ossian View Post
                  You can
                  Also do a metadata cleanup to remove all the retiredDCs (in fact, do that before deleting the sites)

                  EDIT - check for any site level GPOs too

                  Meant to come back way earlier than today and say that I did this. Very many thanks to you, sir... Luckily, I checked for site level GPO's and we didn't have any.

                  That, in fact, is my current project. Due to the "centralization" of my company, we're not using, I'd say, but half of the former GPO's that are in place. It's time to go clean them up!
                  I'd rather check my Facebook than face my checkbook...

                  Thanks,
                  Todd

                  Comment

                  Working...
                  X