GET-IT: TEAMS DAY | 1-Day Free Virtual Conference all about Teams. Here on Petri.com - 8/12/20 GET-IT: TEAMS DAY - 8/12/20

DC Tombstone lifetime on a 10 users Branch office, 30 users at HQ. Start scracth ?

Home Forums Microsoft Networking and Management Services Active Directory DC Tombstone lifetime on a 10 users Branch office, 30 users at HQ. Start scracth ?

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #162307

    Hello experts,

    we recently started working on server consolidation project for a new customer. The customer’s infrastructure we found is relatively small and is briefly described below.

    Headquarter in Europe
    ==================================================
    – About 30 users.
    – One physical server running Windows Server 2003 R2 Standard Edition acting as a file server.
    – One physical server running Windows Server 2003 R2 Standard Edition and Microsoft SQL Server 2005 for a line of business application.
    – One physical server running Windows Server 2003 R2 Standard Edition acting as a Domain Controller.
    – One physical server running Windows Server 2003 R2 Standard Edition acting as a Domain Controller and Global Catalog, holding the Five FSMO roles and running Microsoft Exchange Server 2003.
    ==================================================

    Branch office in Canada (connected to the corporate office by using a persistent site-to-site VPN)
    ==================================================
    – Less than 10 users.
    – One physical server running Windows Server 2003 R2 Standard Edition acting as a file server and a Domain Controller in a child domain.
    – Branch office users only access resources on the local server except for their Microsoft Exchange Server 2003 mailboxes on the Headquarter office.
    ==================================================

    The first problem we’re dealing with is the Exchange 2003 database that has reached the 75GB limit. In order to immediately alleviate this problem and create free space to bring the logical size of the database below the limit, we have deleted any unwanted mailboxes and asked some very heavy email users to archive some mail or delete mail that is no longer required. This immediately brought the Exchange 2003 database below the logical limit, so we can now plan to migrate Exchange 2003 to Exchange 2007/2010 without hassle of the Exchange mailbox database being dismounted every morning.
    As a best practice before starting the actual migration to Exchange 2007/2010 running on a new Virtual Machine, we performed an overall Active Directory Assessment and Health Check using the Microsoft Active Directory Topology Diagrammer tool and the Active Directory Replication Status Tool.
    We found out that the following:
    ==================================================
    – Replication between the DCs at the Headquarter shows no error messages.
    – Both DCs at the Headquarter are logging the 8614 error and fail to replicate directory partitions with the Branch office DC in Canada for tombstone lifetime. Last Successful Sync attempt occurred in January 2012.
    – When running DCDiag on the Branch office DC in Canada we also found out that besides unsuccessfully trying to replicate with the two live DCs at the Headquarter, the Branch office DC in Canada is trying to replicate to a third DC at the Headquarter that does not exist anymore.
    – The customer is completely unaware of the reasons why the Branch office DC in Canada failed to replicate directory partitions for such a long time causing tombstone lifetime.
    – Canadian Users do not connect to the Exchange 2003 server at the Headquarter using their corresponding domain users on the child domain. Someone created some additional user accounts on the parent domain in order to create their Exchange 2003 mailbox as if they were Headquarter users.
    ==================================================

    Based on the total number of users and Microsoft applications/platforms being used, I would prefer to plan for minimal downtime and start from scratch at the Headquarter. With regards to the Branch office DC in Canada, I am thinking about initially deploying an additional read-only domain controller (Replica DC) in the new domain on the Headquarter office, let it replicate, make it a Global Catalog Server then move it to the remote branch office and finally change its ip address.
    Otherwise:
    ==================================================
    – Would you try to resolve the tombstone lifetime issue with the Branch office DC in Canada before starting the migration to Exchange 2007/2010 at the Headquarter ?
    – Would you temporarily ignore the tombstone lifetime issue with the Branch office DC in Canada, immediately start the migration to Exchange 2007/2010 at the Headquarter and take care of the tombstone lifetime issue with the Branch office DC in Canada at a later stage ?
    ==================================================
    I would be very grateful if someone could kindly share some thoughts.
    Any help/information will be greatly appreciated.
    Regards,
    Massimiliano

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.