Announcement

Collapse
No announcement yet.

Best practices for restarting a Domain Controller

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Best practices for restarting a Domain Controller

    So we have a weekly restart schedule for all our DC's but it's just a basic restart script. We have found that it sometimes produces errors (perhaps just because of the nature of the beast).

    Does anyone feel that certain services should be stopped first before restarting a DC, like netlogon, dns, dhcp, ntfrs?
    GoogleFu is strong with this one ^

  • #2
    Re: Best practices for restarting a Domain Controller

    Out of interest, why do you need to reboot your DCs weekly? Aside from occasionally scheduling a reboot to allow for Windows updates, I have never seen a need to reboot a DC other than in response to problems.
    Gareth Howells

    BSc (Hons), MBCS, MCP, MCDST, ICCE

    Any advice is given in good faith and without warranty.

    Please give reputation points if somebody has helped you.

    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

    Comment


    • #3
      Re: Best practices for restarting a Domain Controller

      No, no need for that mate.

      Simply ensure that you're reasonably confident that when you do this to a FSMO role holder like the PDC Emulator that you have plenty of time to get it back up, if it should fail. So - do it at like 8am on a Saturday so that you have all weekend to mess about with the box 'til it comes back up.

      But

      For your "Average Joe" domain controller, just bounce it. It's fine.

      FYI we only reboot our DC's when they stop working. We don't have a scheduled reboot for them. <edit> Beaten to it for the first time LOL


      Tom
      For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

      Anything you say will be misquoted and used against you

      Comment


      • #4
        Re: Best practices for restarting a Domain Controller

        Originally posted by Stonelaughter View Post
        <edit> Beaten to it for the first time LOL
        I assume this means war
        Gareth Howells

        BSc (Hons), MBCS, MCP, MCDST, ICCE

        Any advice is given in good faith and without warranty.

        Please give reputation points if somebody has helped you.

        "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

        "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

        Comment


        • #5
          Re: Best practices for restarting a Domain Controller

          They all have enough time to reboot without glitching the network. And the only real error is one for someone trying to login without it being up.

          I just was not sure if there was something else that I might be missing or if anyone had more experience in that. We've always just restarted without incidence.

          A weekly schedule has seemed to help the health of the server. We also do a weekly defrag and chkdsk.
          GoogleFu is strong with this one ^

          Comment


          • #6
            Re: Best practices for restarting a Domain Controller

            Maintenance is always a good thing, but if rebooting your DCs seems to be helping an issue, then you should probably look into the root cause of the issue.
            Gareth Howells

            BSc (Hons), MBCS, MCP, MCDST, ICCE

            Any advice is given in good faith and without warranty.

            Please give reputation points if somebody has helped you.

            "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

            "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

            Comment


            • #7
              Re: Best practices for restarting a Domain Controller

              They all have enough time to reboot without glitching the network.
              That wasn't my point. What if the PDC Emulator won't come back up after the reboot? What's your plan if you haven't fixed it in 4 hours? What's the plan if it isn't resolved after 8 hours? etc.


              Tom
              For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

              Anything you say will be misquoted and used against you

              Comment


              • #8
                Re: Best practices for restarting a Domain Controller

                Oh, well, we have backups in place. I don't see why the PDC emulator will be going down from a routine reboot, but I suppose it could happen. Besides I can also just seize roles if it really comes down to it.

                I feel like I'm getting the third degree newbie admin replies. Believe me I'm not I've been doing this for years. I just wanted to get others viewpoints.

                And the reasons for the reboots are basically for updates. Not really any other reason.
                Last edited by stamandster; 17th November 2008, 02:26.
                GoogleFu is strong with this one ^

                Comment


                • #9
                  Re: Best practices for restarting a Domain Controller

                  I never rebooted my former DC's (when I was an system admin) unless I really needed it to...

                  Well nut you're talking about errors.
                  What errors?
                  Marcel
                  Technical Consultant
                  Netherlands
                  http://www.phetios.com
                  http://blog.nessus.nl

                  MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                  "No matter how secure, there is always the human factor."

                  "Enjoy life today, tomorrow may never come."
                  "If you're going through hell, keep going. ~Winston Churchill"

                  Comment


                  • #10
                    Re: Best practices for restarting a Domain Controller

                    I feel like I'm getting the third degree newbie admin replies. Believe me I'm not I've been doing this for years. I just wanted to get others viewpoints.
                    We give the replies commensurate with the levels of question asked and information provided. I don't feel that my reply was overly patronising considering the information we had available; in fact I STILL think that your most recent answer shows an unplanned, unstructured approach to system management that I would be loth to take with my customer's IT systems. In our organisation there are plans in place to cope with the eventuality of a server not coming back up; basically because despite our (perfectly reasonable) expectations to the contrary, it happened to us and left us in trouble.

                    I was merely trying to give you the benefit of my own experience; which is after all what you asked for.


                    Tom
                    For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

                    Anything you say will be misquoted and used against you

                    Comment


                    • #11
                      Re: Best practices for restarting a Domain Controller

                      Windows can be configured to reboot upon updates.

                      Since you have access to a few DC's you should make sure that at least one of them is online whilst the others are rebooting. Services such as exchange just cease to work if it cannot find a DC.
                      Please remember to leave positive reputation points (The Ying Yang Icon) if someone helps you.

                      Comment


                      • #12
                        Re: Best practices for restarting a Domain Controller

                        Originally posted by ]SK[ View Post
                        Windows can be configured to reboot upon updates
                        That's true, but I don't think it's at all desirable in a production environment for your DCs to be rebooting *themselves*. If you disable the automatic reboot, you get a dialog on the screen asking you to reboot - much better.
                        Gareth Howells

                        BSc (Hons), MBCS, MCP, MCDST, ICCE

                        Any advice is given in good faith and without warranty.

                        Please give reputation points if somebody has helped you.

                        "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

                        "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

                        Comment


                        • #13
                          Re: Best practices for restarting a Domain Controller

                          I'm sorry if I was rash in my conclusions. It's true I was only getting your insight. I do appreciate it.

                          However, I wasn't going to explain our whole IT infrastructure in one post. We have procedures in place in the event of any server (or other hardware) failure. I didn't explain that because it's just known in the world of business IT.

                          We use WSUS to tell us what updates are available to our servers only. We have a patch management vendor who patches all our workstations. We take their lead since they are the experts in the area. We patch each of our server manually but we can't reboot them during the day for obvious reasons. So we go through a list of which will reboot the next day and such is that. But I wasn't going to go into that procedure either. We also feel that having WSUS rebooting the production server (via policy or registry) is completely irrational.

                          And yes I've had old DC's go down after reboots. Like an old NT4 (behemoth dual 900mhz Pentiums with 1gb of ram, oooh) box that just had a disk bite the big one. But it was initially rebooted because of actual errors, not just maintenance.

                          I understand that on some boards that with some people post count can be a sign of actual understanding of an area of expertise. Then there's the opposing side where there are some who post non-sense just to get a high post count. But neither are an indication of actual knowledge and wisdom in any area.

                          And, just because one company does something differently doesn't neccessarily mean that the other companies who don't are wrong. It's just that they've researched and found something that ultimately works for them just fine for them.

                          I suppose I should have brought this subject after before my "trolling" post count was greater in number.
                          GoogleFu is strong with this one ^

                          Comment


                          • #14
                            Re: Best practices for restarting a Domain Controller

                            I can assure you that their are a lot of professionals out here.
                            Anyhow I suggest to start over and answer my question about the errors you get
                            Marcel
                            Technical Consultant
                            Netherlands
                            http://www.phetios.com
                            http://blog.nessus.nl

                            MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                            "No matter how secure, there is always the human factor."

                            "Enjoy life today, tomorrow may never come."
                            "If you're going through hell, keep going. ~Winston Churchill"

                            Comment

                            Working...
                            X