Learn how to a build a cloud-first strategyRegister Now


Failover Solution

Posted on 2009-12-16
Medium Priority
Last Modified: 2012-05-08
Hi Guys,

I need your expert help in designing  a network which has failover solution in terms of disaster  and recovery. My company wants me to come up with some kind of solution in which we can use two or more server as PDC and BDC  so that in the even of our main server goes down for some unexpected reasons the users wont get effected and they carry on doing there work as per normal or with minimum disturbance and when the PDC comes back it sync the data with any changes from the BDC. I know this concept is very old in the age of NT 4 I searched on googl but cant find anything which can provide a solution to my problem.

Please guys help me tell me what are my options.

Hope to hear from you guys soon.


Question by:viksokhi
LVL 78

Expert Comment

by:Rob Williams
ID: 26061640
There is no problem to add a second domain controller to an SBS domain. If the SBS goes down you still have DNS and AD for authentication and name resolution.
Add and Manage Additional Servers in a Windows Small Business Server Domain

You still have to address Exchange, Sharepoint, and data. Often a good recovery solution such as ShadowProtect by http://www.storagecraft.com/ is your best option.
You could also consider using DFS (Distributed File System) to replicate the data files between servers and users by default access the one most readily available. This is not as efficient with SBS 2003 as it is with newer R2 servers but does work. For Exchange you might want to consider a 3rd party service like  www.Exchangedefender.com which provides spam filtering, mail archiving, and a backup webmail service to access you e-mail if the server is down.

Accepted Solution

Texas_Billy earned 1500 total points
ID: 26073469
You not only need to add a 2nd domain controller, preferably a 3rd as well, but you'll also need to make sure they're all global catalog servers.

But as far as having two computers be the PDC, that's not going to happen in an active directory.  With Active directory replacing NT4, MS removed the PDC role altogether and replaced it with the Primary Domain Controller Emulator FSMO role.  This role is there for backwards compatibility with pre-Win2k domain servers and to serve as the machine against which demoted / promoted DCs replicate in that process.  

Only one machine is going to hold that role at any given time, it's very bad for active directory to think that more than one server holds the role, that's bad juju.  

The good news is, if one domain controller dies (in this case, the one holding the PDC emulator role), you can seize it using another domain controller, and it will server as the PDC emulator using it's own copy of the AD sysvol share and replicate out to other DCs, it's really nice.  To do so, log into your host machine (not a server) with an account that has domain administrator privileges, and type these commands at the command prompt:

(1) ntdsutil <enter>
(2) Now you're in the ntdsutil.exe tool.  Type "roles" <enter>
(3) Now you've got the "fsmo maintenance" prompt.  Type "connections" <enter>
(4) Now you're in the server connections prompt.  Type "connect to server servername" <enter>, where "servername" is the name of the server to which you want to transfer or seize the fsmo role.
(4) Once prompted that you've successfully bound ntdsutil to the server, type "q" <enter>
(5) Now you're back at the fsmo maintenance prompt.  Type "seize pdc emulator" <enter>
(6) You'll get a GUI popup asking if you really want to do this, click "yes", and then the ntdsutil will tell you when it's done.  

That will move your pdc emulator fsmo role to another server, should your existing pdc lay an egg on you.  But bear in mind, this is not to be taken lightly, especially if one of your dcs has laid an egg.  If that has happened, make sure that your remaining servers are online and replicating properly.  if you seize fsmo roles in an active directory that isn't properly replicating, you can push your active directory into what's called the "journal wrap" state; trust me when I tell you, you don't want that.  

Another note, it's good to be aware of who holds the fsmo roles in the first place, they're all sitting on the first dcin your domain, unless you've moved them.  Install the windows 2003 support tools, and at a command prompt, type "netdom query fsmo" <enter>.  That'll show you who holds all the fsmo roles.  If your pdc has died and you have to move that role, you'll need to move all the others too.   There's also the schema master, infrastructure master, rid master, domain naming master.  


Author Closing Comment

ID: 31666690
No comments

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you ever consider purchasing any Daossoft Software Products, DON'T expect any meaningful support - This article should convince you why!
Learn how the use of a bunch of disparate tools requiring a lot of manual attention led to a series of unfortunate backup events for one company.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question