Solved

Active Directory Logon Process

Posted on 2009-04-06
7
1,158 Views
Last Modified: 2012-08-14
I have two DCs, when the main DC is offline my users are unable to login. Shouldn't the second DC be taking over the login process in the domain?
0
Comment
Question by:gueraf
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24081679
Yes the second one should take over and handle authentication requests.
Is the second box a Global Catalog server
Is it running DNS?
Are clients pointing to both boxes for DNS (primary and alternate)
Thanks
Mike
0
 

Author Comment

by:gueraf
ID: 24081803
Nope the 2nd box is not a Global Catalog Server, and it is runnning DNS. Clients are pointing to both boxes for DNS. I just changed the 2nd box to Global Catalog Server. Will test and hopefully this is the fix.
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 24081847
Yeah that should do the trick, let me know how it goes.
 
Thanks
Mike
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Closing Comment

by:gueraf
ID: 31567234
Thank you Mike, just got a chance to test it and it works.
0
 
LVL 1

Expert Comment

by:GFCU
ID: 25339100
So it is recommmended that both of the servers be global catalog servers?  I have the same scenario and I want to verify that both of these will work in the case of an emergency.  If both have to be a GC Server can you remind me where I can find that configuration within AD?
0
 

Author Comment

by:gueraf
ID: 25339225
AD Sites and Services, under the NTDS settings of the DC that you would like to turn into a GC.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 25341285
@GFCU,  yes it is best to have them both as GCs...in fact always go in trying to make every DC a GC   see bullet 1 in the blog below
http://adisfun.blogspot.com/2009/04/lessons-learned-from-eric-fleischman.html
Thanks
Mike
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question