Solved

Replacing failing Domain Controller

Posted on 2009-04-13
3
290 Views
Last Modified: 2012-05-06
We have two domain controllers DC1 & DC2 in site1 both running 2003 R2 SP2 and are DNS.DC1 holds all the FSMOs and DC2 is a global cataloge.

We are observing issues with DC2 and plan to troubleshoot it.We can not bring down the global cataloge due to its heavy usage for Exchange and Sharepoint requiring it to be highly available.

1. I add another DC,DC3 as a global catalogue till the time we troubleshoot DC2 and recommission it back.
We demote DC2 ,rebuild it and join it back and then take out DC3 from the site.
 
2. I add another DC,DC3 and have two global catalogues for this site.
3. I add another server with same name & IP as DC2, unplug existing DC2 and get it replicated with other DCs

Please suggest a proper approach to go in for.
0
Comment
Question by:shsharma
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 11

Accepted Solution

by:
ecsrd earned 50 total points
ID: 24132003
If it is just a temporary measure, why not just make DC1 a GC?  Of course, you'd lose redundancy, but if its literally for a short term, you could most likely just do that.  As for the options you listed:

1 - This would defintely work as an option.
2 - Nothing wrong with having two servers as global catalogues for a site.
3 - DON'T do this unless you make absolutely sure all replications have removed references to the old DC INCLUDING _msdcs values in DNS - if there is any reference to the old DC, you'll have problems with replication afterwards.  Additionally, you would have to demote the old DC2 for this to work.  This would be the most work intensive option for you, though it may seem the easiest!
0
 
LVL 18

Expert Comment

by:Americom
ID: 24132026
Yeah..if you have two DCs, you should have both configured as GCs, otherwise you don't have good redundancy to begin with.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Let's recap what we learned from yesterday's Skyport Systems webinar.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question