What is the supported way to setup GPOADmin for Fault Tolerance / Disaster Recovery / Redundancy within an enterprise environment?
Need to have two GPOADmin servers both configured to use the same AD/ADAM configuration store as well as the same GPO backup repository (SQL, network share ect).
This will allow you to have a standby server available in case the main GPOAdmin server is lost.
It is recommended to backup the ADAM instance and the backup repository in the case of a complete loss.
The configuration would be as follows:
1. All installed GPOADmin servers should use the same backup store and configuration store. Duplicates of these items for backup/disaster recovery purposes is not supported
2. You should have only one watcher service active, on the main server. The watcher service on the failover machine should be set to disabled. When a failure occurs you would need to manually start the watcher service on the failover machine and set it to automatic.
Note: Have more than one watcher server running is not supported and can cause issues such as GPOs showing 'Unauthorized modificaton' after being edited, checked in or deployed
3. The registry key below should be set to "1" on the main server, and "0" on all other GPOAdmin servers. If a failure occurs the registry key would have to be changed, and then the GPOADmin server service restarted on the failover machine:
Version 5.11 and later: HKLM\SOFTWARE\Quest\GPOAdmin\ServerConfig
value: processScheduledDeployments (DWORD) set to 1 to process scheduled deployments, set to 0 to not process scheduled deployments. (If processScheduledDeployments does not already exist create a new DWORD with that name)
4. Anyone using the GPOADmin client would have to close the client, reopen and connect to the failover machine
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center