So, I have a VM DC that I had to restore from a month ago. I had other DCs that were physical and up. My understanding that if sub 60 days “off” it is fine to basically “power back on” the snapshot. However, now the “restored” DC has disabled replication in both directions. Should I manually enable inbound replication first and then after a while enable outbound replication?
Or a better fix method?
First if you have other DCs up and running, why are you restoring this one? Personally I’d make a fresh DC and replicate that from the existing DCs. Any restore of a DC just adds extra layers of headache I’d avoid
For context, we were recovering all VMs from a failed storage array. It seemed logical at the time to restore all VMs from the last DR Image. I see now for DCs that is not the case, and you should always do a force removal (which I thought was a last resort, but seems to actually be the first resort unless you’re doing a scheduled migration), and rebuild. This took longer than bringing the VM back up, but we did manage to rebuild from scratch and it did resolve the issue (obviously).
This explains about how to deal with DCs in great detail: https://www.veeam.com/blog/how-to-recover-a-domain-controller-best-practices-for-ad-protection.html