wiki:WindowsDisasterRecovery
Last modified 11 years ago Last modified on 10/09/06 11:02:58

SIG Windows Domain: Emergency Procedure Notes

Overview:

  • The Windows Domain for the SIG labs, is comprised of:
    • Two servers (Viscus and Cor) (Note: As of this writing Cor is not yet active, so this guide will need to be updated.)
    *24 or so windows workstations.

Viscus is located in T-165. The various workstations are located primarily in labs T-170b and H-227, but are also located in various offices in the Health Sciences Building. Refer to the computer hardware inventory if available.

Services and Tasks:

The windows domain servers provide the following services and engage in the following tasks:

  • Viscus
    • Username and Password database for windows domain accounts (is one of two domain servers that provide redundancy in the event of one of the systems being down, and thus are constantly updated between each other to remain in sync)
    • Enforces IPSEC (ip security) policies that block network ports for network file sharing and other potential security holes from network IPs outside the approved subnet.
    • Provides daily backup of user documents on windows workstations, and weekly backups on a secondary hard drive.
    • Is the server for VPN, allowing users, via encryption, to access network services such as network file sharing on an IP address outside the approved internal subnets, which are normally blocked.
    • Enforces IPSEC (ip security) policies that block network ports for network file sharing and other potential security holes from network IPs outside the approved subnet.
    • A public network share that is used to distribute patches and files for users to share with other users. Only users on the approved subnets have read and write access to public shares.
    • Automatic installation and upgrading of certain applications on all workstations (currently VirusScan 8.0 and Firefox).

In the Event of Disaster: Various Scenarios, Consequences, and their Remedies

Scenario A - Power surge causes temporary loss of power to building or one or more of the server rooms.
  • Remedy:
    • If either server does not power on when power is restored, make sure power is available to its cord (perhaps the breaker on the power strip needs to be reset or some other issue), check to see if the power switch is set to on on the rear of the power supply, then press the power button on the front.
      • Upon power up all services should automatically be started with no further assistance.
      • Should windows fail to start up then is it possible that the abrupt shutoff of the system may have caused the windows install to become corrupt. In this case a system restore is in order and backup restoration procedure should be commenced. However, this should be considered a last resort, and all other possible solutions should be considered and tried. It would be best to troubleshoot the system and try to get it working again without restoring a backup, but that sort of solution is beyond the scope of this document.
Scencario B - One of both Domain servers are offline for whatever reason.
  • If both servers are offline:
  • The following services will have partial function
    • Domain Logins - Details: For workstations that are in regular use, they will most likely have cached credentials allowing the most recent user logins to still have access. In the event of domain server loss, local accounts will still be available as well as local admin accounts. In this case it is recommended that local user accounts be created in order for workstations to still accessible.
    • IPSEC (port blocking) - Details: IPSEC will still have the policies that were last established by the domain servers. They however will be unable to receive updated settings until the domain is restored under control of a server.