Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Redundancy for Domain on Server2003
I have two domain controllers, both with AD on them. recently the power supply failed in the main domain controller. I assumed that I could enable the DCHP on the other controler and everything would be ok. however I was unable to log onto the second server as it could not authenticae my logon. If I logged on locally I could not activate the DHCP, as I didn't have enough permissions.
I got over the problem by finding a new power supply for the primary domain controller, but I want to make sure that if I loose the main server again I can switch to the other on.
What am I doing wrong?
I got over the problem by finding a new power supply for the primary domain controller, but I want to make sure that if I loose the main server again I can switch to the other on.
What am I doing wrong?
Who is Participating?
First I would verify both are Domain Controllers. It does not sound like your second server is a DC, you would not be able to login localy on it.
I would make sure the second DC is running DNS and the DC is pointing to itself for resultion as one of the DNS servers. The second DC should be a Global Catalog server and DNS server. Here are some links with steps to add ana dditional DC.
http://www.petri.co.il/how_to_install_active_directory_replica_on_windows_2003.htm
http://technet.microsoft.com/en-us/library/cc738032(WS.10).aspx
I would make sure the second DC is running DNS and the DC is pointing to itself for resultion as one of the DNS servers. The second DC should be a Global Catalog server and DNS server. Here are some links with steps to add ana dditional DC.
http://www.petri.co.il/how_to_install_active_directory_replica_on_windows_2003.htm
http://technet.microsoft.com/en-us/library/cc738032(WS.10).aspx
The usual cause od the symtptoms you describe is that the second DC is not a Global Catalog or DNS server.
Ypu need to make sure the server is a global caltalog server -see http://support.microsoft.com/kb/313994
You should also install DNS on the new machine - just install DNS and assuming you are using AD integrated DNS it will replicate automactically.
You also ned to make sure the clients are set to use one of your DNS servers as the PREFERRED (first) DNS server and the other as the ALTERNATE(second DNS server), - normally by adding both server Is to the DHCP scope options.
While on the subject of DHCP - why not have DHCP running permananetly on BOTH machines - the simplest solition is to just split your current scope doen the middle - so if for example you are current;y using a scope on 192.168.1.1 - 192.1681.200, then modift your current DHCP server to have a scope of 192.168.1.1 - 192.1681.100 and set the other one to 192.168.1.101 - 192.1681.200
Ypu need to make sure the server is a global caltalog server -see http://support.microsoft.com/kb/313994
You should also install DNS on the new machine - just install DNS and assuming you are using AD integrated DNS it will replicate automactically.
You also ned to make sure the clients are set to use one of your DNS servers as the PREFERRED (first) DNS server and the other as the ALTERNATE(second DNS server), - normally by adding both server Is to the DHCP scope options.
While on the subject of DHCP - why not have DHCP running permananetly on BOTH machines - the simplest solition is to just split your current scope doen the middle - so if for example you are current;y using a scope on 192.168.1.1 - 192.1681.200, then modift your current DHCP server to have a scope of 192.168.1.1 - 192.1681.100 and set the other one to 192.168.1.101 - 192.1681.200
Yes - DHCP is another issue, beacuse I only have 254 addresses and I only have about 40 free. In addition I have about 30 static IP addresses (WAP and Printers, IP Phone system etc). I have considered rescoping or using a SuperScope, but really this ought to be the suject for another question.
Thinking back I now remember that I was not able to log ontot he second server locally, and I am sure that I have the DNS and AD running on both machines - I remember checking that the users sere on both and when I added to one it was automatically added to teh other.
Basically I am going to start again with a cheap box and add 2003 to it and then follow the instructions about. I might also move my DHCP reservations across using the DHCP mdb files and check it all runs.
Is this a good idea?
Thinking back I now remember that I was not able to log ontot he second server locally, and I am sure that I have the DNS and AD running on both machines - I remember checking that the users sere on both and when I added to one it was automatically added to teh other.
Basically I am going to start again with a cheap box and add 2003 to it and then follow the instructions about. I might also move my DHCP reservations across using the DHCP mdb files and check it all runs.
Is this a good idea?
Importanat note:
Best practice,not to install Infrastructure Master (IM) role on the same domain controller as the Global Catalog server (.i.e.Primary DC). If the Infrastructure Master runs on a GC server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a GC server holds a partial replica of every object in the forest.
Best practice,not to install Infrastructure Master (IM) role on the same domain controller as the Global Catalog server (.i.e.Primary DC). If the Infrastructure Master runs on a GC server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a GC server holds a partial replica of every object in the forest.
In response to @abbasiftt's comment
Having the Infrastructure Master on the same machine as the Global Catalog is only an issue in a multi-domain environment where not all machines are Global catalogs - if you don't have multiple domains it not an issue. If you do have multiple domains and all yor machines are GCs, then again ita NOT an issue
Having the Infrastructure Master on the same machine as the Global Catalog is only an issue in a multi-domain environment where not all machines are Global catalogs - if you don't have multiple domains it not an issue. If you do have multiple domains and all yor machines are GCs, then again ita NOT an issue
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
-
Course of the Month10 days, 17 hours left to enrollMonitoring and Operating a Private Cloud with System Center 2012 R2 273 lessons
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_2003_Active_Directory/Q_22890304.html