Announcement

Collapse
No announcement yet.

Set default logon Domain Controller

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Set default logon Domain Controller

    Does anyone know how I can set a preferred logon server for member servers and workstations?

    I have 2 DCs, "primary" is Win08 and "backup" is Win03. Most of my servers are authenticated on the Win08 DC, but some are on the Win03 server.

    I need to ensure that all member servers (Win03 and Win0 authenticate against the Win08 DC.

    On a related note, is ther a way to force the change of authenticating DC without restarting the entire server?

    Thanks!

    Rob P.

  • #2
    Re: Set default logon Domain Controller

    Are the PCs and member servers at different physical sites? What FSMO roles are on the w2k8 and w2k3 boxes and do they both have DNS and are they a GC?

    Comment


    • #3
      Re: Set default logon Domain Controller

      All PCs and servers are on the same site, with all servers located in the same subnet.

      The Win08 server is functioning as the preferred DC. The roles and GC were originally on a Win03 DC and were tranferred to the Win08. Global Catalog and DNS are replicating to the "backup" Win03 DC. This was done by a consultant.

      Unfortunately, I am still learning about FSMO roles, so I'm not familiar with how to view or modify them. I also need to learn more about the GC and how it functions in the Domain.

      Thanks!

      Comment


      • #4
        Re: Set default logon Domain Controller

        Providing you are not experiencing any issues with the domain, it shouldn't make a difference what DC is used to authenticate. Unless you want to split machines into separate subnets and separate AD sites, I wouldn't recommend playing with any of the automatic and default behavior of the network. You could perhaps ensure the Primary DNS server is set to be the w2k8 DC.

        Comment


        • #5
          Re: Set default logon Domain Controller

          Demote the Windows 2003 DC and replace it with an Windows 2008 DC is the nicest option
          However what do you care where the users are authenticated since they are in the same site/subnet?

          Btw, please remember that there aren't such things AS Backup DC's and so. The good old NT4 PDC/BDC's are gone since Windows 2000
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment


          • #6
            Re: Set default logon Domain Controller

            Thanks for the input, Dumber. I do know that there is no such thing as primary and backup DCs. I would love to demot the Win03 DC, but that is not really an option.

            I am runing other services on the Win03 server and I should be able to restart the sever during the day without affecting the other member servers.

            And thanks to you too, Virtual. I know that this should not matter as long as the member servers and clients are working properly. As I mentioned above, I am concerned about restarting the DC while other systems are authenticated against it.

            I am in the process of installing monitoring software (e.g., HP Management Homepage SMNP agents) and some of these require a system restart. My Exchange and Blackberry servers kinda freak out when the DC that authenticated them is restarted.

            Comment


            • #7
              Re: Set default logon Domain Controller

              It is generally best to bring the DCs with FSMO roles online first. As you mentioned, you can restart them out of hours. It sounds to me that you will be ok restarting your w2k3 DC. If you restart the wk28 DC, you may find that after it has rebooted, you are then best to start the w2k3 DC and then the Exchange box.

              Comment

              Working...
              X