Failover Solution

Posted on 2009-12-16
Last Modified: 2012-05-08
Hi Guys,

I need your expert help in designing  a network which has failover solution in terms of disaster  and recovery. My company wants me to come up with some kind of solution in which we can use two or more server as PDC and BDC  so that in the even of our main server goes down for some unexpected reasons the users wont get effected and they carry on doing there work as per normal or with minimum disturbance and when the PDC comes back it sync the data with any changes from the BDC. I know this concept is very old in the age of NT 4 I searched on googl but cant find anything which can provide a solution to my problem.

Please guys help me tell me what are my options.

Hope to hear from you guys soon.


Question by:viksokhi
    LVL 77

    Expert Comment

    by:Rob Williams
    There is no problem to add a second domain controller to an SBS domain. If the SBS goes down you still have DNS and AD for authentication and name resolution.
    Add and Manage Additional Servers in a Windows Small Business Server Domain

    You still have to address Exchange, Sharepoint, and data. Often a good recovery solution such as ShadowProtect by is your best option.
    You could also consider using DFS (Distributed File System) to replicate the data files between servers and users by default access the one most readily available. This is not as efficient with SBS 2003 as it is with newer R2 servers but does work. For Exchange you might want to consider a 3rd party service like which provides spam filtering, mail archiving, and a backup webmail service to access you e-mail if the server is down.
    LVL 7

    Accepted Solution

    You not only need to add a 2nd domain controller, preferably a 3rd as well, but you'll also need to make sure they're all global catalog servers.

    But as far as having two computers be the PDC, that's not going to happen in an active directory.  With Active directory replacing NT4, MS removed the PDC role altogether and replaced it with the Primary Domain Controller Emulator FSMO role.  This role is there for backwards compatibility with pre-Win2k domain servers and to serve as the machine against which demoted / promoted DCs replicate in that process.  

    Only one machine is going to hold that role at any given time, it's very bad for active directory to think that more than one server holds the role, that's bad juju.  

    The good news is, if one domain controller dies (in this case, the one holding the PDC emulator role), you can seize it using another domain controller, and it will server as the PDC emulator using it's own copy of the AD sysvol share and replicate out to other DCs, it's really nice.  To do so, log into your host machine (not a server) with an account that has domain administrator privileges, and type these commands at the command prompt:

    (1) ntdsutil <enter>
    (2) Now you're in the ntdsutil.exe tool.  Type "roles" <enter>
    (3) Now you've got the "fsmo maintenance" prompt.  Type "connections" <enter>
    (4) Now you're in the server connections prompt.  Type "connect to server servername" <enter>, where "servername" is the name of the server to which you want to transfer or seize the fsmo role.
    (4) Once prompted that you've successfully bound ntdsutil to the server, type "q" <enter>
    (5) Now you're back at the fsmo maintenance prompt.  Type "seize pdc emulator" <enter>
    (6) You'll get a GUI popup asking if you really want to do this, click "yes", and then the ntdsutil will tell you when it's done.  

    That will move your pdc emulator fsmo role to another server, should your existing pdc lay an egg on you.  But bear in mind, this is not to be taken lightly, especially if one of your dcs has laid an egg.  If that has happened, make sure that your remaining servers are online and replicating properly.  if you seize fsmo roles in an active directory that isn't properly replicating, you can push your active directory into what's called the "journal wrap" state; trust me when I tell you, you don't want that.  

    Another note, it's good to be aware of who holds the fsmo roles in the first place, they're all sitting on the first dcin your domain, unless you've moved them.  Install the windows 2003 support tools, and at a command prompt, type "netdom query fsmo" <enter>.  That'll show you who holds all the fsmo roles.  If your pdc has died and you have to move that role, you'll need to move all the others too.   There's also the schema master, infrastructure master, rid master, domain naming master.  


    Author Closing Comment

    No comments

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    I have put this article together as i needed to get all the information that might be available already into one general document that could be referenced once without searching the Internet for the different pieces. I have had a few issues where…
    I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
    In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
    This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now