Something I’ve seen at former employer’s and at clients I visited while working as a consultant is a lack of attention to properly backing up at least a minimal footprint of your environment. This is crucial for dealing with the unthinkable situation of having to rebuild from a total failure (e.g. catastrophe). Read the summary at the end also…
- Run domain controller diagnostics at least monthly:
- Standard passwords:
- Standard DSRM password on all domain controllers
- Standard Admin password on all servers
- Standard Admin password on all desktops/laptops
- Admin passwords are changed at least once per year (hopefully more often)
- Event Logs:
- Check domain controller event logs at least weekly
- Check server event logs at least weekly
- Scheduled Backups:
- System State backups on all domain controllers
- System State backups on all servers
- Data backups on all servers
- Group Policy export/backups
- DHCP scope backups
- DNS zone backups (if not AD integrated)
- Export Scheduled Tasks (Windows Server 2008, Windows 7 or later)
- Document – Document – Document (everything!)
- Use Mozy or something like it for offline/offsite archival!
If you skip the last two steps, you’re really not doing this right. You need to document how everything is configured, how it’s backed up and to where, and most importantly: HOW TO RESTORE IT PROPERLY. If you drop dead or your office is wiped out from a plane crash, someone will need to use your stuff to rebuild again. If you don’t leave them enough to do it correctly, why are you even bothering to do this at all?
Is this list complete? No. But it’s a good start.
Even if YOU are the person who has to rebuild everything, you will be amazed how much you forget after a few months, especially when under the pressure of dealing with the catastrophy, the business impact, the angry staff and demanding bosses, and getting the hardware situation under control.
By the way, VMware or other virtualization solutions are fantastic for testing out your DR plan and making sure it will really work.