Solved

Windows 2000 server AD replication

Posted on 2004-10-19
Last Modified: 2010-03-18
I have a question regarding replicating two DCs. I would like to know why, after I install a second domain controller and put the new DC in a test environment, I can't access the AD. I thought that after I installed that new server as a Domain Controller it would have a full copy?
Question by:K0ss
4 Comments
 
LVL 71

Accepted Solution

by:
Chris Dent earned 250 total points
ID: 12352641

If you split the second domain controller from the domain, it also loses access to all the services AD provides.

** Please note that the following assumes that the Second DC will never be going back on the Live Network **

1. On the Domain Controller set up the DNS Service with a Primary AD Integrated Zone. Point the Server at itself for DNS.

2. Transfer the FSMO Roles with the following commands:

Start
Run
ntdsutil
Roles
Connections
Connect to Domain <your domain name>
Connect to Server <Domain Controller Name>
quit <quits to FSMO Maintenance>
Seize Domain Naming Master
Seize RID Master
Seize PDC
Seize Schema Master
Seize Infrastructure Master

Make sure the roles are all taken over correctly then quit the application.

3. Set the Domain Controller as Global Catalog in Active Directory Sites and Services: right-click on the NTDS Settings for the server and tick the Global Catalog box.

Check the Event Log for error messages, especially with the Directory Service.
0
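One way to carry out the "make sure the roles are all taken over correctly" check from the accepted answer, as an added example that is not part of the original thread: this Python script parses the role listing that ntdsutil prints for `list roles for connected server` (under `select operation target`) and reports any of the five roles not held by the isolated DC. The output layout, the server names LABDC2 and DC1, the domain lab.example and the sample text are assumptions constructed for illustration.

```python
import re

# Labels assumed to appear in ntdsutil's role listing, mapped to the role names
# used in step 2 of the answer. Both "Domain" and "Naming Master" are accepted.
ROLE_LABELS = {
    "schema": "Schema Master",
    "domain": "Domain Naming Master",
    "naming master": "Domain Naming Master",
    "pdc": "PDC",
    "rid": "RID Master",
    "infrastructure": "Infrastructure Master",
}
ALL_ROLES = sorted(set(ROLE_LABELS.values()))

# Assumed line shape: "<label> - CN=NTDS Settings,CN=<server>,CN=Servers,..."
LINE_RE = re.compile(r"^\s*([A-Za-z ]+?)\s+-\s+CN=NTDS Settings,CN=([^,]+),", re.I)

def parse_role_holders(text):
    """Return {role name: server name} for every role line found in the listing."""
    holders = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group(1).lower() in ROLE_LABELS:
            holders[ROLE_LABELS[m.group(1).lower()]] = m.group(2)
    return holders

def check_roles(text, expected_dc):
    """List every role that is missing or not held by expected_dc (case-insensitive)."""
    holders = parse_role_holders(text)
    problems = []
    for role in ALL_ROLES:
        holder = holders.get(role)
        if holder is None:
            problems.append(f"{role}: no holder listed")
        elif holder.lower() != expected_dc.lower():
            problems.append(f"{role}: still held by {holder}")
    return problems

def _sample(owners):
    """Build a constructed listing; the DN suffix and domain are made up."""
    tail = "CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=lab,DC=example"
    lines = ['Server "labdc2" knows about 5 roles']
    lines += [f"{label} - CN=NTDS Settings,CN={srv},{tail}" for label, srv in owners]
    return "\n".join(lines)

LABELS = ["Schema", "Domain", "PDC", "RID", "Infrastructure"]
SAMPLE_OK = _sample([(l, "LABDC2") for l in LABELS])
SAMPLE_PARTIAL = _sample([(l, "DC1" if l == "Schema" else "LABDC2") for l in LABELS])

if __name__ == "__main__":
    print(check_roles(SAMPLE_OK, "LABDC2") or "all five roles held by LABDC2")
    print(check_roles(SAMPLE_PARTIAL, "LABDC2"))
```

An empty result means all five roles resolve to the expected server; anything else names the role to recheck before moving on to step 3.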
 
LVL 15

Expert Comment

by:adamdrayer
ID: 12357839

I must emphasize that you NEVER PUT THIS COMPUTER BACK ON THE NETWORK without first formatting the drive completely.  Having a DC seize the Schema Master will destroy your domain, if the original is ever brought back online.
 

Author Comment

by:K0ss
ID: 13225183
Sorry about that....