Hello,
I have 5 DCs in my AD domain and I like to rely on full system restore and replication to be able to DC disaster recovery in case one of DCs failed or become corrupted.
I am planning to use windows built-in backup system to do a full OS backup on all domain controllers and standalone certificate servers once every month and rely on it to be able to re-build the DCs with CA on them, from bare metal.
My concern is that I don’t understand how a full system restore will not cause issue with Update sequence number (USN) and create USN rollback problem?
How windows restore handles USN when a month old DC system OS backup will be restored?
Considering VHD backup is a BAD BAD idea for DCs, what would be the simplest and most reliable backup and restore approach here?
Thank you,