Avatar of pol901pol
pol901pol asked on

Users are unable to login to email or vpn when primary DC fails. When pinging domain, it pings to backup DC.

I  have a primary and backup DC running on Windows Server 2003.  I ran dcdiag on support tools and it looks like it's replicating alright, When the primary DC fails, and I ping the domain, it pings to the backup DC;  though, no one is able to login to mail or vpn.  It seems that it does not completely take on the DC role.  What can I do to make sure that the backup successfully takes on the primary DC role?
Windows Server 2003Server HardwareWindows Networking

Avatar of undefined
Last Comment
pol901pol

8/22/2022 - Mon
ryansoto

Its probably because the second machine is not a global catalog server.
Make it a GC then let the data replicate for a bit then retest.

http://www.petri.co.il/configure_a_new_global_catalog.htm
Brian Pierce

Two things come to mind

1. Make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand, Sites, Default first site and Servers. Right click on the new server and select properties and tick the Global Catalog checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)


2 Install DNS on the second DC. You can do this through Add/Remove Programs->Windows Components->Networking Services->DNS.  If you are using Active Directory Integrated DNS then DNS will br replicated from the other DC/DNS.

3. Make sure that each DC points to itself as the preferred DNS server and that clients use one DC as the preferred DNS server and the other as alternate DNS server

ASKER
pol901pol

Thanks!  My primary DC is not setup as a global catalog, so can I leave the backup as is in regards to it not being a global catalog?  I did not have the backup DC pointing to itself so I changed that.  Will test failover tonight.
Your help has saved me hundreds of hours of internet surfing.
fblack61
ryansoto

All domain controllers should be global catalogs IMO there is no downside to it.  There is very little replication overhead.
ASKER CERTIFIED SOLUTION
pol901pol

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question