Announcement

Collapse
No announcement yet.

Multiple Root Domain Controller

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Multiple Root Domain Controller

    Is it possible to configure Multiple Root Domain Controller in windows server 2003 Ent ?
    If any root domain Controller is down other is controll everything.


    Please give me some idea.

    Thanks
    Karzon

  • #2
    Re: Multiple Root Domain Controller

    There are not root DCs as such. They have FSMO roles that carry out certain roles.

    2 x FSMO roles are unique to the forest and each role can only be on one server at a time (or both roles on a server) within that forest, which may consist of multiple domains.

    Domain Naming Master
    Schema Master

    3 x FSMO roles are unique to the domain, so each role can only be on 1 server at a time (or all 3 on one server that may also have the forest FSMO roles) within a specific domain. If you have 2 domains and 1 forest, you effectively have 6 domain FSMO roles, the 3 domain FSMO roles on a server within each domain and 1 server in the forest (or two servers) with Forest FSMO roles.

    PDC Emulator
    RID Master
    Infrastructure Master

    This site has an article on it.

    http://www.petri.com/understanding_fsmo_roles_in_ad.htm

    When a Forest is created for the first time, the first server will ahve all 5 FSMO roles. As you add additional servers, you have the option to then transfer those FSMO roles to that server.

    If a server does go down, you are able to seize the roles but then that server cannot be brought back on line and you have to clean metadata. Just because a certain FSMO role holder is down doesn't mean you will necessarily get a problem straight away. It depends on their function. e.g. Domain naming Master - are you likely to want to create a new Domain with a server being down? I would say the crucial one is PDC. That one tends to be used for logon purposes and time sync, amongst some of its duties.

    FSMO roles can be transferred quite easily.

    Also, with FSMO roles, you also need to be careful with GC placement in multi-domain environments, with rule of thumb then being to not make a Infrastructure Master a GC unless all servers are GCs.
    Last edited by Virtual; 17th February 2009, 12:50.

    Comment


    • #3
      Re: Multiple Root Domain Controller

      Thanks For Reply.

      without running FSMO roles, will exchange server work properly if the Root Domain Controller goes down?

      Comment


      • #4
        Re: Multiple Root Domain Controller

        Originally posted by karzon View Post
        without running FSMO roles
        What does this mean?

        Exchange does not generally depend too heavily on the FSMO roles, however you should aim to repair a failed roleholder, or seize roles if the server cannot be repaired, as soon as possible.

        Exchange relies on global catalogs.
        Gareth Howells

        BSc (Hons), MBCS, MCP, MCDST, ICCE

        Any advice is given in good faith and without warranty.

        Please give reputation points if somebody has helped you.

        "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

        "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

        Comment


        • #5
          Re: Multiple Root Domain Controller

          I have heard references to a root Domain Controller before, which some regard as the 1st DC created for a forest and therefore, containing all FSMO roles.

          As Exchange is integrated in to AD and as Gforce... mentions, needs a GC, it may not effect it to a certain extent but it is so quick to transfer or seize roles initially, you shouldn't need to worry too much. It is just the cleaning of metadata, DNS entries and Sites and Services that takes the time if the roles had to be seized from a FSMO role holder. That DC can then not be joined back to the domain once FSMO roles are seized, so would need to be reimaged.

          Comment


          • #6
            Re: Multiple Root Domain Controller

            Please let me explain the scenario:

            1. I have two domain controller in windows server 2003 ent ( One is Root DC and Others is Additional DC)
            2. I Have Exchange 2003 ent
            3. If the Root Domain Controller goes down due to maintainence work or some Hardware Failure or any other issue, does the Exchange server server work properly? what will happen?

            Thanks
            Karzon

            Comment


            • #7
              Re: Multiple Root Domain Controller

              So the Exchange Server is installed on a Member server?

              Exchange server definitely won't work properly if the other DC is not a GC, so make them both one.

              If the root server is down, authentication will not happen, so therefore, Exchange Server would be effected to a certain extent. Outlook Clients or other mail progams will probably not be able to connect to read new mail.
              (I am sure there are more problems that somebody else can advise on, or indeed advice if I am wrong)

              If you are scheduling downtime, you could transfer FSMO roles to the other DC and then do the maintenance.

              If it is a hardware failure or other issue and getting the server back on-line is longer than expected and there is a need to get the network and Exchange operational as fast as possible, as there is a SLA in place or is costly to the entity you are referring to, you would seize the roles to the other DC. This restores normality.

              You then can remove metadata/DNS entries/sites and services entries for the failed DC

              Rectify the issue whilst making sure the server is not connected to the network.

              Rebuild the server and then join it back to the domain. You can then make it a DC and then transfer roles back to it if you wish.

              Comment


              • #8
                Re: Multiple Root Domain Controller

                As noted before, as long as your second Domain Controller is a Global Catalog and DNS of course, you shoud not have serious issues.
                Maish
                ----------------------------------------------------------
                Technodrone|@maishsk|Author of VMware vSphere Design
                VMware vExpert 2013-2010,VCAP5-DCA/DCD,VCP
                MSCA 2000/2003, MCSE 2000/2003
                A proud husband and father of 3 girls
                ----------------------------------------------------------
                If you find the information useful please don't forget to give reputation points sigpic.

                Have a good one!!

                Comment


                • #9
                  Re: Multiple Root Domain Controller

                  Ok Fine.

                  If the First DC ( Root DC) goes down for few minitus or hours, I can assaign the Second DC as a GC from 'Active Directory Sites and Services' option easily. so do I need to run FSMO roles? if i donot run FSMO roles and Second DC is GC, will the Exchange Server work properly?


                  Thanks
                  karzon

                  Comment


                  • #10
                    Re: Multiple Root Domain Controller

                    I would assign the GC role to both DC's permanently

                    There will be no need to to transfer/seize the roles to the 2nd DC if the machine is down for a few hours.

                    If you do the above then your exchange should work properly
                    Maish
                    ----------------------------------------------------------
                    Technodrone|@maishsk|Author of VMware vSphere Design
                    VMware vExpert 2013-2010,VCAP5-DCA/DCD,VCP
                    MSCA 2000/2003, MCSE 2000/2003
                    A proud husband and father of 3 girls
                    ----------------------------------------------------------
                    If you find the information useful please don't forget to give reputation points sigpic.

                    Have a good one!!

                    Comment


                    • #11
                      Re: Multiple Root Domain Controller

                      Thanks a Lot

                      I will try to test it in my LAB and later will confirm it

                      Thanks
                      Karzon

                      Comment

                      Working...
                      X