Solved

Setting up Back up DC

Posted on 2004-08-24
26
188 Views
Last Modified: 2010-04-13
hi I have a PDC on my Network. for this PDC following Settings.

 Windows 2000 Advance Server.
 Dns Server installed on the Same Box
 IP is 192.168.0.209 for this BOX

My Domain Netbiois name is skynetcorp and Dns name is Skynet.local
IN Dns Server I entered a Zone named skynet.local.
IN all the Clients I am using 192.168.0.209 as Primary DNS Address(I added my ISP DNS under forwarders in DNS Server)

So Far Somehow I manage my PDC to work with all the client having no problems.

Now What if my PDC crashes?

There is another Computer on Network. I Ran DCPROMO on it and it has all the user names and OU's in it as well. this means this box is something like BDC? if my PDC Crashes will this Computer Take Over?
if yes then what about DNS. all the clients are using 192.168.0.209 as Primart DNS Address. and the Other Box does not even have DNS Server installed.
Please Advise what should I do on my second Box if my PDC Crashes.

Thanks
0
Comment
Question by:khansoul
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 7
  • 6
  • +1
26 Comments
 
LVL 23

Expert Comment

by:rhandels
ID: 11889642
Hi,

Here goes.

First off all, in 2000 you don't speak of PDC and BDC, you only have Domain Controllers.

>>There is another Computer on Network. I Ran DCPROMO on it and it has all the user names and OU's in it as well. this means this box is something like BDC? if my PDC Crashes will this Computer Take Over?<<

Indeed, the second DC will take over. This is what it's purpose is.. Do make sure to create System State Back-ups of both servers.

>>if yes then what about DNS. all the clients are using 192.168.0.209 as Primart DNS Address. and the Other Box does not even have DNS Server installed.<<

Install DNS on the second server, make sure that DNS is Active Directory integrated, this way if you install DNS on the second server, it will have all DNS entries in it. After that, make sure to give all workstations a second DNS that points to the second DC (Domain Controller). You can do this by using DHCP and give the workstations the two DNS servers.

If you have any more questions, please ask..
0
 
LVL 25

Accepted Solution

by:
mikeleebrla earned 50 total points
ID: 11891898
i agree with rhandels 100% but i would like to add one point,,, in windows 2000 DCs hold 5 FSMO roles and these roles (contrary to popular belief) are not transfered when the DC that holds them goes down.  Yes your domain will probably function normally without them being transferred as long as you aren't doing any major changes to the schema, etc etc  the articles below explain FSMO roles and how to move them:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;223346

http://support.microsoft.com/default.aspx?scid=kb;EN-US;255690

http://support.microsoft.com/default.aspx?scid=kb;en-us;255504
0
 
LVL 9

Assisted Solution

by:jdeclue
jdeclue earned 100 total points
ID: 11892135
The second DC must be configured as a Global Catalog, if it is not, users will not be able to log into the network if the first DC crashes, only Domain Admins will be able to log in. For any AD redundancy you must have at least 2 Global Catalogs.

Go to Active Directory Sites and Services, Open your Site, then open the new server. Right Click on "NTDS Settings" on the left pane and select properties. Check the box for "Global Catalog".

J
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:khansoul
ID: 11892785
> Install DNS on the second server, make sure that DNS is Active Directory integrated, this way if you install DNS on the second server, it will have all DNS entries in it. After that,

After I install DNS on Second Box, I should Add forwarders as well for my ISP in it?, and what should I name the ZONE for this additonal Dns Server? My Domain name is skynet.local


and whats the different B/w Global Cataloge and FSMO.

Thanks
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 11892854
the articles in my above post explain clearly what each FSMO roles do,,, the Global Catalog is basically a FULL copy of your local domain database and a partial copy of other domains in you forrest,,, if you have mulitple domains in your forest.


you should name the DNS zone whatever your dns name of your domain is,, ie domain.com or domain.local

yes you should have at least one "real" external DNS server listed as a forwarder,,, ie one of your ISPs DNS servers.
0
 
LVL 23

Assisted Solution

by:rhandels
rhandels earned 50 total points
ID: 11892908
Hi,  

>>After I install DNS on Second Box, I should Add forwarders as well for my ISP in it?, <<

Yes, if this server needs to be a back-up DNS server, you do need to do this.. Also make sure that your firewall accepts DNS requests from this other server.

>>and what should I name the ZONE for this additonal Dns Server? My Domain name is skynet.local<<

This server is in the skynet.local domain, so the DNS zone name will still be skynet.local. The servers will have unique FQDN's (Fully Qualified Domain Names) like dns1.skynet.local and dns2.skynet.local

>>and whats the different B/w Global Cataloge and FSMO.<<

Those are both very different things. FSMO roles are roles that only server per domain can have, e.g. the PDC emulator that lets older pc's than 2000 log on, or the schema master which creates chnages within the schema.

A Global Catalog server is a DC whch has some extra "features"..





0
 
LVL 23

Expert Comment

by:rhandels
ID: 11892925
Hi Mike,

You posted to fast, must be of the decaf.. ;)
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 11893002
slow day today,, so i have to keep myself occupied
0
 
LVL 9

Assisted Solution

by:jdeclue
jdeclue earned 100 total points
ID: 11893047
Let me explain that a little better, Mike discussed the FSMO roles and he is correct. I was just adding the Global Catalog, as the additional component needed to make the DC truly redundant. You need to do both. My post, is just a little piece that is often overlooked. It is not the answer to the whole question. ;)

J
0
 

Author Comment

by:khansoul
ID: 11893292
I wish I knew about DNS like you Guys, But I dont. so i am still confused.

Lets say if my PDC is still up and DNS Zone it has is skynet.local

Now if I Specifiy the Same ZONE name for other box skynet.local, will it create conflicts? Same Zone names for both Servers?


Basicly What I want is, if my PDC Crashes Other DC should take over automatically. I dont want any DownTime.
Thanks
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 11893317
THERE IS NO SUCH THING AS A PDC IN WINDOWS 2000/2003
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 11893335
your DNS zones should be of the type "active directory integrated"  this will resolve all of your confilcts since they will sync with the Active directory database.   Yes the zone names should be the same
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11893339
When you bring it up as Active-Directory enabled they will share there information because they both read and write to the Active Directory, they will become backups of each other.
0
 

Author Comment

by:khansoul
ID: 11893346
lol.
sorry to piss you off. my bad.
0
 
LVL 23

Expert Comment

by:rhandels
ID: 11893356
Hi khansoul,

If you take our advice (do all the things, also the GC option) you should be good to go with your network, you wont have any downtime from one failing DC.

Here a small thing about DNS.

Every domain (multiple computers that need to work together, let's make it simple) has it's own name eg Microsoft.com. In the Microsoft.com domain, you have a lots of servers, you can have multiple DNS servers within one domain. So if you add the second DC (indeed 200/2003 don't have PDC's or BDC's) to this domain, it will be a member of the same domain microsoft.com (or skynet.local in your case). They will be unique by it's name (as stated before..).
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 11893366
im not pissed off,,, its just that those are NT 4.0 terms which are 8-10 years old which is an eternity in the IT world
0
 

Author Comment

by:khansoul
ID: 11893429
Thanks Guys.
So before I close the Questions Lets Review. and Correct me if I am wrong.


1. There is one Dc(Global Cataloge) in my Network, Dns name is Skynet.Local
2. That Box has Dns Installed Type (Primary) and zone name is Skynet.Local and all client using its IP as Primary DNS
3. Then I have Additional DC in my Network
4. I will install DNS Server on it with the name Skynet.local but AD Integerated.
5. I will use the IP of this Box for my clients as Secondry DNS Server. (OR if my DC Crashes I will simply Change the IP of this Box to the one that crashed)

Please Correct me if i am wrong.

Thanks
0
 
LVL 23

Expert Comment

by:rhandels
ID: 11893487
Hi,

You're right... Also, installing DNS on a second server (if DNS is ad integrated) is a piece of cake, just install DNS and it works...
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 11893491
have your clients point to DNS servers like this

first DNS server  = ip address of one internal DNS server
second DNS server = ip address of another internal dns server

no need to switch the ips like you mentioned in step 5,,, the switch will take place automaitcally when the client PCs see that the first DNS server is down.
0
 

Author Comment

by:khansoul
ID: 11893508
and we can have more then 1 Global Cataolges in Dc's. or I should do it if one DC Crashes?

Thanks
0
 
LVL 23

Expert Comment

by:rhandels
ID: 11893563
Right mike, didn't read that right.

Yes, you can have more than one GC in your domain
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11893565
Set the global catalog now, you can't do it after one fails. If you do not have the global catalog on both DC's, then a failure of the DC with the global catalog, will prevent your users from accesing the domain.

J
0
 

Author Comment

by:khansoul
ID: 11893584
wow You Guys are Amazing.

This weekend I spent Hours at Barns and Noble, Could not find any book that I need, and did lots of online reseach but was not able to get the answers to the point. You guys helped me and fixed my confusion in matter of minutes.

I think experts should be awarded with something more then the Points. YOU GUYS ARE GREAT. ALL OF YOU

Thanks Again
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11893594
This is a funny one ;) PDC's, BDC's and DC's, oh my....


J
0
 
LVL 23

Expert Comment

by:rhandels
ID: 11893651
We are darn good, aren't we????
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11893744
Let me add one more thing, before everyone leaves...
1 DCs - OK
2 DCs- Not so Good
3 DCs- Redundancy

2 DC's is not a very good option for an Active Directory Structure, Active Directory works best with 1 or 3 DC's. 1 does not have redundancy, 2 can have issues with FSMO roles and Global Catalog, 3 - Allows 2 Global Catalogs and Infrastructe role on seperate server.

J
0

Featured Post

What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Popular third-party chat platforms like Slack, Discord, and Telegram are just a few of the many new productivity applications that are being hijacked by cybercriminals to create command-and-control (C&C) communications infrastructures for their malw…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question