Announcement

Collapse
No announcement yet.

Domain controller redundancy

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Domain controller redundancy

    Hi All,

    I have an environment with two domain controllers (2008 R2).
    Yesterday i tested the functionality of their redundancy and i need to know something.
    When i shutdown the FSMO holder i tried to do a few DNS and log-in actions
    and for the first 2 min i failed but, after all works.
    My question:

    1. should this happen?
    2. what is the reasonable time for the other dc to take control
    3. should i experience such failure at all

    Thanks for the help
    Moshe

  • #2
    Re: Domain controller redundancy

    How did you do the shutdown? Did you test as soon as you asked it to shutdown or did you wait till it was off? Which machine did you run the tests from? What was the DNS setup on that machine? Are both servers GCs?
    We need more info on your environment and testing first really.
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?

    Comment


    • #3
      Re: Domain controller redundancy

      Hi, thanks for the replay

      1. Both DCs are GC
      2. Both DCs are DNS and are configure on the network as DNS for clients
      3. I tested from a server on the same network in the domain with both dns configured as static
      Primary (fsmo holder) and secondary (the other DC0

      Comment


      • #4
        Re: Domain controller redundancy

        I tested after the server shutdown

        Comment


        • #5
          Re: Domain controller redundancy

          There will be some slight delay if the first server is primary for DNS but I wouldn't expect 2 minutes worth.
          You should be able to log on with cached credentials by default too even if both are offline (assuming you've got this allowed).
          The other DC is always "in control" as such so I would imagine that your test machine was booted and connected to the DC you shutdown. The 2 minutes was a timeout somewhere waiting for response. Once this channel was seen as down it went to the other DC and continued.
          I would be interested in a test where your test machine is setup with the other DC as primary in DNS. You reboot or turn on the test machine with the other DC off and then see if there is a difference.
          cheers
          Andy

          Please read this before you post:


          Quis custodiet ipsos custodes?

          Comment


          • #6
            Re: Domain controller redundancy

            Hi,

            Thanks for the reply
            So you say that 2 min too much ?

            Comment


            • #7
              Re: Domain controller redundancy

              I would have thought so if they are in the same site.
              Do a DCDIAG and confirm everything is replicating OK

              I had a similar problem (but it did not start working after a time) and ended up removing DNS from the "other" DC and re-installing it -- after that lookups and logins worked perfectly.
              Tom Jones
              MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
              PhD, MSc, FIAP, MIITT
              IT Trainer / Consultant
              Ossian Ltd
              Scotland

              ** Remember to give credit where credit is due and leave reputation points where appropriate **

              Comment


              • #8
                Re: Domain controller redundancy

                Yes, they are on the same site.
                Replication and DCDIAG reports are OK

                Comment

                Working...
                X