Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.
Solved
Redundancy for Domain on Server2003
Posted on 2011-02-13
I have two domain controllers, both with AD on them. recently the power supply failed in the main domain controller. I assumed that I could enable the DCHP on the other controler and everything would be ok. however I was unable to log onto the second server as it could not authenticae my logon. If I logged on locally I could not activate the DHCP, as I didn't have enough permissions.
I got over the problem by finding a new power supply for the primary domain controller, but I want to make sure that if I loose the main server again I can switch to the other on.
What am I doing wrong?
I got over the problem by finding a new power supply for the primary domain controller, but I want to make sure that if I loose the main server again I can switch to the other on.
What am I doing wrong?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3
2
- +1
7 Comments
First I would verify both are Domain Controllers. It does not sound like your second server is a DC, you would not be able to login localy on it.
I would make sure the second DC is running DNS and the DC is pointing to itself for resultion as one of the DNS servers. The second DC should be a Global Catalog server and DNS server. Here are some links with steps to add ana dditional DC.
http://www.petri.co.il/how_to_install_active_directory_replica_on_windows_2003.htm
http://technet.microsoft.com/en-us/library/cc738032(WS.10).aspx
I would make sure the second DC is running DNS and the DC is pointing to itself for resultion as one of the DNS servers. The second DC should be a Global Catalog server and DNS server. Here are some links with steps to add ana dditional DC.
http://www.petri.co.il/how_to_install_active_directory_replica_on_windows_2003.htm
http://technet.microsoft.com/en-us/library/cc738032(WS.10).aspx
The usual cause od the symtptoms you describe is that the second DC is not a Global Catalog or DNS server.
Ypu need to make sure the server is a global caltalog server -see http://support.microsoft.com/kb/313994
You should also install DNS on the new machine - just install DNS and assuming you are using AD integrated DNS it will replicate automactically.
You also ned to make sure the clients are set to use one of your DNS servers as the PREFERRED (first) DNS server and the other as the ALTERNATE(second DNS server), - normally by adding both server Is to the DHCP scope options.
While on the subject of DHCP - why not have DHCP running permananetly on BOTH machines - the simplest solition is to just split your current scope doen the middle - so if for example you are current;y using a scope on 192.168.1.1 - 192.1681.200, then modift your current DHCP server to have a scope of 192.168.1.1 - 192.1681.100 and set the other one to 192.168.1.101 - 192.1681.200
Ypu need to make sure the server is a global caltalog server -see http://support.microsoft.com/kb/313994
You should also install DNS on the new machine - just install DNS and assuming you are using AD integrated DNS it will replicate automactically.
You also ned to make sure the clients are set to use one of your DNS servers as the PREFERRED (first) DNS server and the other as the ALTERNATE(second DNS server), - normally by adding both server Is to the DHCP scope options.
While on the subject of DHCP - why not have DHCP running permananetly on BOTH machines - the simplest solition is to just split your current scope doen the middle - so if for example you are current;y using a scope on 192.168.1.1 - 192.1681.200, then modift your current DHCP server to have a scope of 192.168.1.1 - 192.1681.100 and set the other one to 192.168.1.101 - 192.1681.200
Yes - DHCP is another issue, beacuse I only have 254 addresses and I only have about 40 free. In addition I have about 30 static IP addresses (WAP and Printers, IP Phone system etc). I have considered rescoping or using a SuperScope, but really this ought to be the suject for another question.
Thinking back I now remember that I was not able to log ontot he second server locally, and I am sure that I have the DNS and AD running on both machines - I remember checking that the users sere on both and when I added to one it was automatically added to teh other.
Basically I am going to start again with a cheap box and add 2003 to it and then follow the instructions about. I might also move my DHCP reservations across using the DHCP mdb files and check it all runs.
Is this a good idea?
Thinking back I now remember that I was not able to log ontot he second server locally, and I am sure that I have the DNS and AD running on both machines - I remember checking that the users sere on both and when I added to one it was automatically added to teh other.
Basically I am going to start again with a cheap box and add 2003 to it and then follow the instructions about. I might also move my DHCP reservations across using the DHCP mdb files and check it all runs.
Is this a good idea?
Active today
Importanat note:
Best practice,not to install Infrastructure Master (IM) role on the same domain controller as the Global Catalog server (.i.e.Primary DC). If the Infrastructure Master runs on a GC server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a GC server holds a partial replica of every object in the forest.
Best practice,not to install Infrastructure Master (IM) role on the same domain controller as the Global Catalog server (.i.e.Primary DC). If the Infrastructure Master runs on a GC server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a GC server holds a partial replica of every object in the forest.
In response to @abbasiftt's comment
Having the Infrastructure Master on the same machine as the Global Catalog is only an issue in a multi-domain environment where not all machines are Global catalogs - if you don't have multiple domains it not an issue. If you do have multiple domains and all yor machines are GCs, then again ita NOT an issue
Having the Infrastructure Master on the same machine as the Global Catalog is only an issue in a multi-domain environment where not all machines are Global catalogs - if you don't have multiple domains it not an issue. If you do have multiple domains and all yor machines are GCs, then again ita NOT an issue
Featured Post
Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Learn about cloud computing and its benefits for small business owners.
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data.
But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses
Course of the Month11 days, 10 hours left to enroll
636 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.