Solved

keeping an exact copy  of a domain controler for 0% down time

Posted on 2008-10-02
7
277 Views
Last Modified: 2013-11-05
Hi guys,
I have a 2003 domain controller.in example.com domain.dns is also installed in this and also the file sharing is installed.I have Only one domain controller in the domain.

I want another domain controller whic will act as a backup. ie if the first one crashes the second one will act as the domain controller and the users are also able login.

All my shared resources will be there in the second one as it in the first one.

How can I implement this?

Thanks in advance.

 
0
Comment
Question by:pratheeshkuriakose
  • 3
  • 2
  • 2
7 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 22622682
Two options
1. use a utility such as Doubletake http://www.doubletake.com/ which will cost you
or
2. do it the MS way - have Two DCs and use DFS to replicate the data

The process is as follows

Install Windows 2003 on the new machine
Assign the new computer an IP address and subnet mask on the existing network

Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain (normally the existing domain controller)

Join the new machine to the existing domain as a member server

If the new Windows 2003 server is the R2 version and the existing set-up is not then you need to run Adprep  from CD2 of the R2 disks on the existing Domain controller. Adprep is in the \CMPNENTS\R2\ folder on CD2
you need to run

adprep /forestprep
and
adprep /domainprep

From the command line promote the new machine to a domain controller with the DCPROMO command from the command line Select Additional Domain Controller in an existing Domain

Once Active Directory is installed then install DNS. You can do this through Add/Remove Programs->Windows Components->Networking Services->DNS.  If you are using Active Directory Integrated DNS then DNS will br replicated from the other DC/DNS.

Next make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand, Sites, Default first site and Servers. Right click on the new server and select properties and tick the Global Catalog checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

If necessary install DHCP on the new DC. You can do this through Add/Remove Programs->Windows Components->Networking Services->DHCP.

You will then need to remove any existiing DHCP prior to authorising the new DHCP Server. When setting up the new DHCP server dont forget to set the default gateway (router) and DNS Servers. Talking of which all the clients (and the domain controllers themselves) need to have their Preferred DNS server set the new domain controller.

Both Domain Controllers by this point will have Active Directory, Global Catalog, DNS and the domain could function for a while at least should any one of them fail.

You can impliment DFS to replicate the data http://www.windowsnetworking.com/articles_tutorials/Implementing-DFS-Replication.html
0
 
LVL 16

Expert Comment

by:JoWickerman
ID: 22622751
Hi pratheeshkuriakose,

You'll have to get a second server with the same specs and setup clustering between the 2 serves. Make sure you enable failover so that when the one goes down, the other one takes over.

But... Windows Server 2003 Standard DOES NOT support clustering. You will need Server 2003 Enterprise to accomplish this.

Hope this helps.

Cheers.
0
 
LVL 70

Expert Comment

by:KCTS
ID: 22622783
I specifically ruled out clustering as it was stated Windows 2003 Standard. To support clustering not only do you need Enterprise Edition of the server OS, bit also Enterprise edition of all server applications. You also need an external disk array and multiple networks. If 100% uptime is a priority any you are prepared to pay the considerale premium then it is worth considering - but its not for those on a tight budget.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:pratheeshkuriakose
ID: 22718607
I Am Out of office now I will check this in a week

thanks
0
 

Author Comment

by:pratheeshkuriakose
ID: 22793298
how can i move the fsmo roles in the additional domain controller???
0
 
LVL 16

Expert Comment

by:JoWickerman
ID: 22820421
Hi,

This article will show you haow to do this:

http://www.petri.co.il/transferring_fsmo_roles.htm

How this helps.

Cheers
0
 
LVL 70

Accepted Solution

by:
KCTS earned 125 total points
ID: 22820559
Note that the FSMO roles can be absent for some time and the domain will continue to function as lonh as you have a second DC that is also a global catalog server and DNS server and the clients are set to use it.

(and note that the clustering of Domain Controllers is NOT supported aor reecommended even if you did have the several thousands of pounds required to set up a cluster)

All you need is a second DC configured properly ie:

The essential steps to installing a second domain controller for redundancy are outlined below. Not that your second DC will have to be a Windows 2003 Server (NOT SBS as you can only have on SBS DC on a domain)

Install Windows 2003 on the new machine
Assign the new computer an IP address and subnet mask on the existing network
Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain (normally the existing domain controller)

Join the new machine to the existing domain as a member server

If the new Windows 2003 server is the ‘R2’ version and the existing set-up is not then you need to run Adprep  from CD2 of the R2 disks on the existing Domain controller. Adprep is in the \CMPNENTS\R2\ folder on CD2

From the command line promote the new machine to a domain controller with the DCPROMO command from the command line
Select ‘Additional Domain Controller in an existing Domain’

Once Active Directory is installed then to make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand ,Sites, Default first site and Servers. Right click on the new server and select properties and tick the ‘Global Catalog’ checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

Assuming that you were using Active Directory Integrated DNS on the first Domain Controller, DNS will have replicated to the new domain controller along with Active Directory.

If you are using DHCP you should spread this across the domain controllers, In a simple single domain this is easiest done by Setting up DHCP on the second Domain controller and using a scope on the same network that does not overlap with the existing scope on the other Domain Controller. Don’t forget to set the default gateway (router) and DNS Servers. Talking of which all the clients (and the domain controllers themselves) need to have their Preferred DNS server set to one domain controller, and the Alternate DNS to the other, that way if one of the DNS Servers fails, the clients will automatically use the other.

Both Domain Controllers by this point will have Active Directory, Global Catalog, DNS and DHCP. and the domain could function for a while at least should any one of them fail. However for a fully robust system you need to be aware that the first domain controller that existed will by default hold what are called FSMO Roles. There are five of these roles that are held on a single server and are essential for the functioning of the network. If the second Domain Controller fails, then no problem as the FSMO roles are on the first Domain Controller. However if the first server fails for a substantial time  you should move the FSMO roles,  (see http://support.microsoft.com/kb/255504)
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Server 2003 x64 upgrade question 10 43
Dentrix G4 1 30
SolarWind and DNS Server 12 36
Bizarre hard disk problem 15 70
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now