This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 90%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
I've been doing some research but am having a tough time finding best practices for testing DC and network fileshare server backups. I have backup service that regularly sends me notifications that our domain controller and fileshare servers have successfully been backed up offsite but I would like to periodically test the backups to make sure I know how to recover after an incident and also to confirm that my assumptions about what is backing up are correct.
I have created a testing vlan on our network and was thinking I could setup a test server to pull the backups onto. Is this the right approach?
I am trying to figure out how to test the DC backup on the testing vlan without creating any redundancy conflicts with the genuine DCs running on our operations vlan. Even though though there is no traffic between vlans, I'm concerned that restoring a DC backup with the same domain name could wreak havoc in our environment.
Is it possible to test the DC backup on a test domain, i.e. create a test domain--"AD.test.edu" and import the DC backup to inspect AD Users and Groups, DHCP, DNS and other services?
Testing the fileshare server seems more straightforward as it will be isolated on the testing vlan and is not running any other network services other than hosting the shared files.
Please forgive me if these hypotheses are wildly impractical or misguided.
Thanks in advance for any guidance you can offer.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
best practice for testing a backup in an isolated network environment so that it does not create conflict with services running on our operations vlan
As long as the environment is isolated from production it won't be a problem.
--please don't forget to upvote and Accept as answer if the reply is helpful--
Its always recommended to have at least two domain controllers for high availability and disaster mitigation. If the role holder fails you can simply seize roles to another healthy domain controller without downtime, then do cleanup prior to rebuilding the failed one.
--please don't forget to upvote and Accept as answer if the reply is helpful--
As always, thank you for your timely response DSPatrick.
We do have two DCs running on our domain, but we only back up the configuration of the primary DC offsite.
I want to do disaster recovering testing with this offsite backup to make sure we can get our domain back online in the event of a ransomware or other attack that would cause use to shutdown our network or otherwise lose access to our domain services.
Do best practices exist for testing recovery from such undesirable scenarios?
You could probably do your recovery testing in an isolated environment.
--please don't forget to upvote and Accept as answer if the reply is helpful--
Thank you. Last question should be: Do you know if there any known issues with replicating an existing domain in an isolated environment? Any issues to watch out for/avoid?
