• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 348
  • Last Modified:

Secondary Active Directory Controller not taking authorizations, not doing DNS

We have 2 AD controllers at 2 sites.  They are both on the same subnet, connected via fiber relay between buildings (on a 10.0.10.* network).  When the 'main' controller (ADSERVER1) goes down, the secondary one (ADSERVER2) appears to not be taking over authentication and DNS.

Our primary server went down this morning, and until I could get it back up, we had no DNS, and no authentication whatsoever.

How would I check to see if the ADSERVER2 is set to take over domain control when ADSERVER1 is down?
0
gracewild
Asked:
gracewild
3 Solutions
 
bluntTonyCommented:
I assume if they are both on the same subnet, then you haven't configured the two physical sites as two sites in AD Sites and Services?

Are both DCs also DNS servers, and do your clients have both servers' IP addresses in their preferred DNS servers list?
0
 
Gunter17Commented:
The first active directory servers DNS should be set to itself, and the seconds DNS server set to itself as well. Your clients DNS should be set to your primary and secondary active directory servers.

As long as there are no sync problems (which would be logged in the FRS event log) the other server should function fine and serve logon requests after the timeout period on the primary dns expires.

Are both servers providing global catalog services?
http://technet.microsoft.com/en-us/library/cc758330(WS.10).aspx
0
 
Mike KlineCommented:
Is your second domain controller also a global catalog server?
Thanks
Mike
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Mike KlineCommented:
The AD servers don't have to be pointing to themselves for DNS (although that is ok)
You can have them pointing to each other for primary and each other for secondary.  Both methods are valid.
Thanks
Mike
0
 
gracewildAuthor Commented:
Thank you for the quick replies.
The DNS server settings were pointed both the ADSERVER1, so I put ADSERVER2's IP address for the primary, and ADSERVER1 for the secondary.  Global catalog was NOT checked on ADSERVER2, but now it is.

Thanks a ton.
0
 
Mike KlineCommented:
ok thanks let us know if ADServer2 takes over next time AD1 goes down.
Thanks
Mike
0
 
gracewildAuthor Commented:
I certainly will.  I am going to test it tonight or tomorrow after everyone goes home for the day.

I really appreciate it.

0
 
gracewildAuthor Commented:
Sorry it took me so long to reply, things have been crazy here, and I have been ill.  

The fix did work.  Our ADSERVER2 does take over the domain authorization and DNS when ADSERVER1 is down.  This is a very good thing, because the motherboard just died on ADSERVER1.  Parts are on order and ADSERVER2 is doing everything until we get it rebuilt.

Thanks
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now