Announcement

Collapse
No announcement yet.

Additional DC

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Additional DC

    Dear Friends

    In our network there are 2 Domain controller (both are same), i mean we have additional domain controller for failure redundancy. my question is: if first dc will down, what should i do for set additional dc as main domain controller and our users use it for authentication? if there are pre-actions for this situation please help me step-by-step.



    Best Wishes
    Amir Ahmadi Rad
    System Support Director
    Jamsaz co.

  • #2
    Re: Additional DC

    As long as your second DC is a global catalogue (http://www.petri.com/configure_a_new_global_catalog.htm) you shouldn't have to do anything. You may have issues with resetting users passwords depending on which server is your PDC emulator:

    http://www.petri.com/understanding_fsmo_roles_in_ad.htm
    Michael Armstrong
    www.m80arm.co.uk
    MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

    Comment


    • #3
      Re: Additional DC

      Dear m80arm

      Thanks for your attention. 2 days ago in Network Lab i tested some situation. i configured two DC . one with 5 roles and GC & another just GC.based on my knowledge 2nd DC couldn't response to user authentication without DC1 unless that it has PDC Emulator master role and GC. i down DC1 and Sieze all (5) roles to DC2.everythings ok. all users could logon to Domain. but there is an isuue, if i start DC1 again what happend? there are 2 DC that both of them have 5 roles. as you know in a forest there is just one DC that can hold Schema master role & Domain Naming Master. and in any Domain there is just one DC can hold PDC Emulator, Infrastructure and RID master roles.Please help me. What should i do in this Situation? How can i remove 5 roles in DC2?[/CENTER][/LEFT][/CENTER][/RIGHT]


      Best Wishes

      Comment


      • #4
        Re: Additional DC

        In the real world you should never start a DC that's had any FSMO role seized from it. You never know what could happen.

        the PDC emulator should only be contacted when a users password has been reset. DC2 should authenticate users if it was a DC and a GC. I would check to ensure DC2 is definately replication from DC1. Check the event logs etc

        Michael
        Michael Armstrong
        www.m80arm.co.uk
        MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

        ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

        Comment


        • #5
          Re: Additional DC

          Also make sure that the second DC is a GC and configured as DNS also.

          Additionally all the clients should be pointing to the correct DNS...

          Regards,
          Kapil Sharma
          ~~~~~~~~~~~~~
          Life is too short, Enjoy It.

          Comment

          Working...
          X