?
Solved

When 1 DC/GC 2003 server goes down, users can't logon the the domain with the 2nd DC/GC (500 points)

Posted on 2006-05-02
12
Medium Priority
?
367 Views
Last Modified: 2010-04-13
I have 2 Windows 2003 DC/GC/DHCP servers.  I'm in the process of building anew one to replace one of the old ones.  When I shut down the 1st DC/GC/DHCP users can't logon to the domain via the 2nd DC/GC/DHCP.  What could be wrong?

Thanks J.R.
0
Comment
Question by:J.R. Sitman
  • 4
  • 4
  • 2
10 Comments
 
LVL 9

Expert Comment

by:dooleydog
ID: 16589156
are they in the same location? do they both have the correct IP settings including DNS and WINS, if you are using it.

how about the second DC/GC, does it host DNS? Is your DNS AD Integrated? Is the DHCP Scope active / authorized and is it correct?

Hope these suggestions help,



0
 

Author Comment

by:J.R. Sitman
ID: 16590318
Yes same location, I had the IP settings and DNS verified by another TECH just to be sure I was correct.  Yes the 2nd DC hosts DNS.  
How do I check if the DNS is AD Integrated?
The DHCP is active and authorized both DC's

Could the fact that I shut down the first DC 30 minutes before the users got in, have anything to do with it?
0
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 1000 total points
ID: 16592025
Hi jrsitman,

there is a common misonception about domain controllers automatically making everything work when one goes down, the idea of multiple is for redundancy yes, but if one dies, there is your issues with the FSMO roles no longer being available which needs to dealt with fairly quickly

you need to make sure with both DC's up that the machines are replicating and that your netdiag doesnt report errors, these diags should be run regularly to check system health, i have seen many instances of multiple DC's, when one fails people are shocked that the other doesnt pick up everything straight away and all works perfectly......

run your netdiag to start with and lets make sure all is working well, there is a reghack somehwere that i have seen or when this scenario occurs, ill see what i can find
0
[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

 
LVL 9

Assisted Solution

by:dooleydog
dooleydog earned 1000 total points
ID: 16592136
If all of your DCs (in your case two) are replicating properly, then when one is offline for a short period of time, or even longer. Authentication can be performed by and from any DC that happens to get the logon request.

now, for the AD Integrated zone. (from memory here ...) go into DNS find your zone, and right click and go to properties. Find near the top, if it is a standard zone, you can easily make it an AD integrated zone.

Also, once you have done this, make the other DC also a DNS server, and tell it to host a copy of the existing zone.

Good Luck,
0
 

Author Comment

by:J.R. Sitman
ID: 16592351
The replication is working fine.  Both have the same SOA and DNS records.
They are both AD Integrated
The 2nd DC is hosting the existing zone.  I tested this by adding an new computer today to the domain.

That's why this is so confusing.  I'm not an expert by any means, but I've checked everything I can think of.

If you think of anything else let me know.

Thanks
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16592413
if you suddenly power down your DC with users logged in, when you restart the client machines what exactly happens
0
 

Author Comment

by:J.R. Sitman
ID: 16596466
I haven't tried that.  Unfortunately, I won't be back at the office till 5/9.  I can do it then.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16600856
issues can also rise if you have ever had an old DC thats hasnt ben removed properly...
0
 

Author Comment

by:J.R. Sitman
ID: 16600888
I had a member serverthat happened to, but not a DC
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16601611
if your certain there was never another DC then cool :)
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Strategic internal linking is often considered an SEO power technique, especially for content marketing. Do you need to hire an SEO agency to optimize you internal linking? No, this article will help you understand the basics of internal linking and…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question