This post discuss about the concept of “lag sites” or “hot sites” as a recovery strategy. A lag site is just an Active Directory site that is configured with a replication schedule of one, two or maybe three days out of the week. That way it will have data that would be intentionally out-of-date as of the last successful inbound replication. It is sometimes used as a quick way to recover accidentally deleted objects without having to resort to finding the most recent successful backup within the tombstone lifetime of the domain that has the data.
Case: I recently had a case where the customer asked if the replication interval for a site link could be set higher than 10,080 minutes (7 days). The quick answer was that Active Directory only supports values from 15 up to 10,080 minutes and the schedule is based on a week. If the replinterval attribute on the site link is manually set to something lower than 15 it will use the default of 15. If it is set to something higher than 10,080, it will be ignored and 10,080 will be used.
Here are some links to Microsoft recommended recovery steps and practices:
- 840001 How to restore deleted user accounts and their group memberships in Active Directory
- Useful shelf life of a system-state backup of Active Directory
- Managing Active Directory Backup and Restore
- Step-by-Step Guide for Windows Server 2008 AD DS Backup and Recovery
- Active Directory Backup and Restore in Windows Server 2008