Ensure DC is fully replicated

Posted on 2006-04-25
Last Modified: 2010-07-27
I have had some problems in the past where I have one DC that is running all of our AD & working great...I have then created another machine as a DC by running DCPROMO.  It seems to work (I can add users on it etc etc), but, when the main AD goes down, the network is down.  Is there anything else short of DCPROMO that I can do to ensure that EVERYTHING is replicated over to the DC & our network can work seamlessly if one of the two is down?

Question by:rustyrpage
    LVL 18

    Expert Comment

    Your second and subsequent DCs need to house other domain services that are critical.

    when expanding you should end up with at least two of these:
    file server
    print server
    DHCP server
    DNS server
    Global Catalog Server

    If the servers are local, (connected on the same subnet.) your replication should work well without further configuration.

    I suspect your problem will be solved by making both servers global catalog servers; let that replicate and test.
    AD Sites and services -> sites -> default -> server name -> NTDS settings (right click) properties, check global catalog.
    LVL 6

    Author Comment

    I think that may have been it...only the main one was set as a global. That should do the trick?  Is there any disadvantage to having all 4 of my DCs be global catalogs?
    LVL 6

    Author Comment

    Also, when I setup this server as a secondary DNS server, what is the best way to configure it?  (point it to a main internet server or one of my other DNS servers?)

    LVL 18

    Accepted Solution

    If they are all local, then it won't matter.
    If you had bandwidth concerns, then you need to apply some thought to which are GCs.

    A non-DNS server (or workstation) should have in its TCP/IP settings DNS 1 = an internal DNS server and DNS 2 = the other internal DNS ...
    A DNS server should have in its TCP/IP settings DNS 1 = its own IP address or no other entries.

    The AD-integrated DNS servers all talk to each other via AD and not DNS;
    you don't point them at each other.

    All DNS servers should forward requests to the ISP provided DNS servers for faster answers. (server name, right click, properties, forwarders tab.)
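
The settings discussed in this thread (global catalog on each DC, each DC's own DNS client entries, forwarders, and replication health) can be collected in one pass. This is an added example, not part of the original posts; it assumes the ActiveDirectory and DnsServer RSAT PowerShell modules and remote CIM access to every DC, none of which are mentioned in the thread.

```powershell
# Added example: audit every DC for the settings discussed in the thread.
# Assumes the ActiveDirectory and DnsServer RSAT modules and remote CIM access.
Import-Module ActiveDirectory

$report = foreach ($dc in Get-ADDomainController -Filter *) {
    # DNS servers configured in the DC's own TCP/IP settings (IPv4 only).
    $dnsClient = @(
        Get-DnsClientServerAddress -CimSession $dc.HostName -AddressFamily IPv4 |
            ForEach-Object { $_.ServerAddresses } |
            Select-Object -Unique
    )

    # Forwarders, if the DC also runs the DNS Server role.
    $forwarders = try {
        @((Get-DnsServerForwarder -ComputerName $dc.HostName -ErrorAction Stop).IPAddress)
    } catch {
        @()   # not a DNS server, or not reachable
    }

    # Inbound replication partners with consecutive failures, all partitions.
    $failing = @(
        Get-ADReplicationPartnerMetadata -Target $dc.HostName -Partition * |
            Where-Object { $_.ConsecutiveReplicationFailures -gt 0 }
    )

    [pscustomobject]@{
        DC              = $dc.HostName
        GlobalCatalog   = $dc.IsGlobalCatalog
        DnsClient       = $dnsClient -join ', '
        # Compared against the advice above: a DNS server lists itself first.
        FirstDnsIsSelf  = $dnsClient.Count -gt 0 -and
                          $dnsClient[0] -in @($dc.IPv4Address, '127.0.0.1')
        Forwarders      = $forwarders -join ', '
        FailingPartners = ($failing.Partner | Select-Object -Unique) -join '; '
    }
}

$report | Format-Table -AutoSize -Wrap

# DCs that are not global catalogs or that have failing replication partners:
# the cases that leave the network dependent on a single DC.
$report | Where-Object { -not $_.GlobalCatalog -or $_.FailingPartners }
```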
