Created additional domain. Cannot log in to it if main DC is down

I created an additional domain controller. Everything seems to have replicated fine.

To test the redundancy, I turned off my first domain controller. Only the additional domain controller was on.

I tried logging in to the domain with a client, and it says DOMAIN CANNOT BE FOUND.

Any ideas?

Chris Dent (PowerShell Developer) Commented:

You need to do several more things to allow you to do that.

1. Create a second DNS Server - This is important because your clients need it to find the servers that allow log on.

So, inside DNS Manager add an Active Directory Integrated Forward Lookup zone for your domain. This should contain all the data from your existing DNS.

Then add the new server's IP as the Secondary DNS for all other clients and servers - so they know what to ask.

2. Make the server a Global Catalog. You can do this in Active Directory Sites and Services, select the server, then NTDS Settings and properties. Inside there is a little tick box to make the Server a Global Catalog.

That should fix it :)
dissolved (Author) Commented:
1. Please help explain step one a little further. I am confused. You are saying I need to add a DNS server on to my ADDITIONAL domain controller, right? This will make a total of 2 DNS servers in my network (one for each DC). What do I do from there? Will it replicate the DNS from my other (original) DC automatically?

<<Then add the new servers IP as the secondary DNS for all other clients and servers>>
Where do I do this at?

2. I have to make the server a global catalog in order for it to process logons from clients, right? I can have more than 1 global catalog on the domain?

Sorry for being so inquisitive, I am on a learning rampage.
Chris Dent (PowerShell Developer) Commented:

1. Yep. If you turn the other server off you won't have a DNS available on your network.

Active Directory requires DNS because it contains all the information about which servers can authenticate logons etc etc.

If you use Active Directory Integrated zones on both servers it will replicate everything between them as part of normal AD Replication so you should just need to add an AD Integrated (Forward Lookup) zone to the DNS Manager on your new server.

If you check the IP Configuration for any of your PCs or Servers, they probably have one DNS Server listed at the moment (your main DC). Since that one won't be available (due to being turned off), you will also need to add in the address for the new server as a secondary DNS. Now when it fails to connect to the first server it can try the second and look for the domain again.

You can view the current configuration with "ipconfig /all" from the command prompt.

2. You can have lots of Global Catalogs.

They handle Universal Group Membership and, because of that, are required on the network to allow logon.
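As an added example (not part of the original thread), the check described above can be run over saved `ipconfig /all` output: the script lists each adapter's DNS servers, including the wrapped continuation lines, and reports adapters that do not list every domain controller. The sample output, adapter names and the two addresses are constructed assumptions, and only IPv4 entries are parsed.

```python
import re

# Constructed `ipconfig /all` excerpt; names and addresses are made up.
# Assumed: 192.168.1.10 = original DC, 192.168.1.11 = additional DC.
SAMPLE = """\
Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : client01

Ethernet adapter Local Area Connection:

        IP Address. . . . . . . . . . . . : 192.168.1.50
        DNS Servers . . . . . . . . . . . : 192.168.1.10

Ethernet adapter Lab Connection:

        IP Address. . . . . . . . . . . . : 192.168.1.51
        DNS Servers . . . . . . . . . . . : 192.168.1.10
                                            192.168.1.11
        Lease Obtained. . . . . . . . . . : Monday
"""

IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")

def dns_servers_by_adapter(text):
    """Return {adapter header: [DNS server IPs]} (IPv4 only)."""
    adapters, current, in_dns = {}, None, False
    for line in text.splitlines():
        s = line.strip()
        if s.endswith(":") and not line[0].isspace():
            current, in_dns = s[:-1], False      # unindented adapter header
            adapters[current] = []
        elif current is None or not s:
            in_dns = False
        elif s.startswith("DNS Servers"):
            value = s.split(":", 1)[1].strip()
            adapters[current] = [value] if value else []
            in_dns = True
        elif in_dns and IPV4.match(s):
            adapters[current].append(s)          # extra servers wrap onto bare lines
        else:
            in_dns = False
    return adapters

def missing_dns(text, required):
    """Return {adapter: [required DNS servers it does not list]}."""
    found = dns_servers_by_adapter(text)
    gaps = {a: [ip for ip in required if ip not in ips] for a, ips in found.items()}
    return {a: absent for a, absent in gaps.items() if absent}

if __name__ == "__main__":
    print(missing_dns(SAMPLE, ["192.168.1.10", "192.168.1.11"]))
```

An adapter that appears in the result still depends on a single DNS server and will lose the domain when that server is off.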
dissolved (Author) Commented:
Ok, so I just install/configure DNS on my additional domain controller. And have the clients use it as a secondary. That simple, right? I don't have to do any DNS configuration (right click > properties > add name server)?

I will also have to redo my DHCP server to include the IP of the second DNS server, right? This way, the clients will have both?
dissolved (Author) Commented:
Sorry, let me rewrite that last comment.

Ok, so I just install/configure DNS on my additional domain controller. And have the clients use it as a secondary. That simple, right? I don't have to do any DNS configuration on my domain controllers themselves, do I (right click > properties > add name server)?

I will also have to redo my DHCP server to include the IP of the second DNS server, right? This way, the clients will have both?
Chris Dent (PowerShell Developer) Commented:

Yep that's all you have to do. Nice and easy huh? :)

And yep it's a good idea to add the information to the DHCP Scope.

Of course if your DHCP server is the main server, and the DHCP is offline then any clients that restart won't be able to get an IP address.

dissolved (Author) Commented:
Thanks for the help.
I'm going to try it when I get home.

Now the question is, when do you have to do any configurations to the DNS server? Because I now have 2 DNS servers. Do I have to right click my DNS server and click "ADD DNS SERVER"? Or will all of this be automatically replicated if both DNS servers are AD integrated?

Chris Dent (PowerShell Developer) Commented:

Add DNS Server to connect to the current server (or whichever one you want to set up).

Select Forward Lookup Zones and add a new zone. Make it Primary AD Integrated with the same domain name as the rest of your domain.

The contents will replicate from the other domain controller.
dissolved (Author) Commented:
Thanks again.
Windows 2000
Question has a verified solution.