Announcement

Collapse
No announcement yet.

Adding a Secondary DC

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Adding a Secondary DC

    Hi,

    I'm in the process of adding a Secondary Domain Controller to our domain.

    Our current Domain Controller is also a DHCP and DNS server.

    Is it advised to DCPROMO the secondary DC with the "System State" or better to do it Live on the network (after hours)?

    Also, I don't worry about adding DNS to the Secondary DC and just point the DNS to the Domain Controller..right?

    Thanks.

  • #2
    Re: Adding a Secondary DC

    Using a backup is a fine idea http://www.petri.co.il/install_dc_fr...erver_2003.htm

    But I would also make the new DC a DNS server (w/ an AD integrated zone) and maybe a DHCP server. See this thread for my view on how to configure fault tolerance http://forums.petri.com/showthread.php?t=15107
    Regards,
    Jeremy

    Network Consultant/Engineer
    Baltimore - Washington area and beyond
    www.gma-cpa.com

    Comment


    • #3
      Re: Adding a Secondary DC

      I did a system state backup but i got the following error:

      Backup started on 20/06/2007 at 4:24 PM.
      Warning: Unable to open "c:\windows\sysvol\domain\DO_NOT_REMOVE_NtFrs_PreI nstall_Directory" - skipped.
      Reason: The process cannot access the file because it is being used by another process.


      Backup completed on 20/06/2007 at 4:27 PM.
      Directories: 286
      Files: 2519
      Bytes: 468,300,830
      Time: 2 minutes and 42 seconds

      -----------------------------

      Is this a serious error? DO i need to do another sytemstate?

      Thanks

      Comment


      • #4
        Re: Adding a Secondary DC

        No mention has been made about making the second DC a GC as well.
        1 1 was a racehorse.
        2 2 was 1 2.
        1 1 1 1 race 1 day,
        2 2 1 1 2

        Comment


        • #5
          Re: Adding a Secondary DC

          Originally posted by dublin_101 View Post
          Hi,



          Is it advised to DCPROMO the secondary DC with the "System State" or better to do it Live on the network (after hours)?


          Thanks.
          Why you wanna do it " from media " instead of directly ?

          Comment


          • #6
            Re: Adding a Secondary DC

            Originally posted by dublin_101 View Post
            Is this a serious error? DO i need to do another sytemstate?
            It should be safe to ignore this error http://support.microsoft.com/kb/822132

            And like Biggles77 said, you might want to make the new DC a GC http://www.petri.com/configure_a_new_global_catalog.htm
            Regards,
            Jeremy

            Network Consultant/Engineer
            Baltimore - Washington area and beyond
            www.gma-cpa.com

            Comment


            • #7
              Re: Adding a Secondary DC

              Originally posted by JeremyW View Post
              It should be safe to ignore this error http://support.microsoft.com/kb/822132

              And like Biggles77 said, you might want to make the new DC a GC http://www.petri.com/configure_a_new_global_catalog.htm
              well its only a small domain with 100 or so users.,...and the specs on the secondary domain controller are a lot less than those of the DC...so i'm doing this more for redundancy reasons........Should i make it a GC?

              Originally posted by aa11
              Why you wanna do it " from media " instead of directly ?
              I was thinking it would be a lot quicker? and that if it did it directly off the network, that it could disrupt network traffic.
              Last edited by dublin_101; 21st June 2007, 04:52.

              Comment


              • #8
                Re: Adding a Secondary DC

                Originally posted by dublin_101 View Post
                I was thinking it would be a lot quicker? and that if it did it directly off the network, that it could disrupt network traffic.
                Hi dublin_101

                in my experience on promoting DCs ( 5 up to now on this network) -
                i was doing it live,
                it won't be faster if you do it off the network,
                anyway It won't take much time to create NTDS settings to your remote DC and won't generate to much traffic - and that's it

                Comment


                • #9
                  Re: Adding a Secondary DC

                  Originally posted by dublin_101 View Post
                  Should i make it a GC?
                  For complete fault tolerance, yes. A GC server is used in the logon process.


                  Originally posted by aa11 View Post
                  in my experience on promoting DCs ( 5 up to now on this network) -
                  i was doing it live,
                  it won't be faster if you do it off the network,
                  anyway It won't take much time to create NTDS settings to your remote DC and won't generate to much traffic - and that's it
                  Coping AD from tape or hard disk will probably have a higher throughput than coping from a network source. But if it's a small network with bandwidth to spare then there's not much gain by using backup media... but there's nothing to lose either.
                  Regards,
                  Jeremy

                  Network Consultant/Engineer
                  Baltimore - Washington area and beyond
                  www.gma-cpa.com

                  Comment


                  • #10
                    Re: Adding a Secondary DC

                    If you're network is poor, fix that first!
                    It's the basic of you're complete organisation.
                    Sometimes i'm still stunned that customers won't see the importance of a good quality network eg switch.

                    Otherwise, there should no issues to run DCPromo on you're live network. However, make sure you're DC inluding DNS runs in shape.

                    I still think that using a tape (or other media) is useless unless there is no other option for example setting up a DC on a remote site with a small ISDN line or so.

                    just my 2 cents
                    Marcel
                    Technical Consultant
                    Netherlands
                    http://www.phetios.com
                    http://blog.nessus.nl

                    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                    "No matter how secure, there is always the human factor."

                    "Enjoy life today, tomorrow may never come."
                    "If you're going through hell, keep going. ~Winston Churchill"

                    Comment


                    • #11
                      Re: Adding a Secondary DC

                      thanks guys.

                      the network itself ain't too bad, just that i wanted to do it during work hours and thought maybe that the process might do a lot of broadcasting..apart from that, there is no reason why i can't do it on the network.

                      i'm still a bit unsure about the GC thing as I don't really know if that is what i want...i think if the DC/GC crashes this can still operate and do the job?...if the other one completely dies, i was told that all i have to do is seize the roles...is this true?...or am i just silly and should do the GC thing first and have no reason not to?

                      thanks very much guys for your help.

                      Comment


                      • #12
                        Re: Adding a Secondary DC

                        About broadcasting. No there isn't much broadcasting. Why should he. He search a dc and start replicating from him. Why should he broadcast all the traffic?

                        you should be carefull with role seizing. Only use it when there no other options.
                        However, why is it such a problem to make the second dc also a GC?
                        Marcel
                        Technical Consultant
                        Netherlands
                        http://www.phetios.com
                        http://blog.nessus.nl

                        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                        "No matter how secure, there is always the human factor."

                        "Enjoy life today, tomorrow may never come."
                        "If you're going through hell, keep going. ~Winston Churchill"

                        Comment


                        • #13
                          Re: Adding a Secondary DC

                          no there is no problem to make it a GC also. i was asking you ppl if i should or shouldn't...

                          and if i do, what difference does it make on the other server?

                          Comment


                          • #14
                            Re: Adding a Secondary DC

                            No difference on the other server. GC server is not a FSMO role. You can have multilple GC servers.

                            If your main DC goes down and it is the only GC server then, for example, the users will have trouble logging on if there's no cached credentials. That's just one of the symtoms.

                            http://technet2.microsoft.com/window....mspx?mfr=true
                            Regards,
                            Jeremy

                            Network Consultant/Engineer
                            Baltimore - Washington area and beyond
                            www.gma-cpa.com

                            Comment

                            Working...
                            X