Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

windows 2003 domain controler Global Catalog fail over

Posted on 2011-03-15
8
Medium Priority
?
453 Views
Last Modified: 2012-06-27
When I reboot my main 2k3 DC my second 2k3 DC will not allow users to log into the domain. Under sites and services I have checked the box on both servers for the Global Catalog. I hear there is a service I have to install on the second DC in order for him to allow users to log in once the main DC is off line. Is there instructions on how to do this?
0
Comment
Question by:Martin_01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 13

Expert Comment

by:Felix Leven
ID: 35142210
Check FSMO roles:
Click Start, click Run, type cmd in the Open box, and then press ENTER.

Type ntdsutil, and then press ENTER.
Type domain management, and then press ENTER.
Type connections, and then press ENTER.
Type connect to server ServerName, where ServerName is the Name of the Domain Controller you would like to view, and then press ENTER.
Type quit, and then press ENTER.
Type select operation target, and then press ENTER.
Type list roles for connected server, and then press ENTER.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35142418
Can the built=in admin account login when this happened? (don't need the GC for them)

The Administrator in the domain (the Builtin Administrator account) can always log on to the domain, even when a global catalog server is not available.http://technet.microsoft.com/en-us/library/cc730749.aspx

Are both DCs DNS servers...if they are make sure clients have both DNS servers listed in their configuration.

Thanks

Mike
0
 

Author Comment

by:Martin_01
ID: 35142495
the FSMO roles are on DC1.

the main Domain admin acct can login only on DC2 when DC1 is down. Yes both DCs have DNS.

Is there a service that can be added to dc2 to fix this?
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 57

Expert Comment

by:Mike Kline
ID: 35142553
FSMO roles don't have anythign to do with logons.  Did you try Mr. Graves suggestion?
0
 

Author Comment

by:Martin_01
ID: 35172960
I can see the rsmo roles, but is there a service that is needed on second DC for it to allow users to log in when DC1 is down
0
 
LVL 13

Expert Comment

by:Felix Leven
ID: 35172971
First, Routput to a text file (/?) -- search the file for FAIL, ERROR,
 WARN and either fix those errors or report them.
 
DNS server(s) are correct configured by dhcp on the client?

 try to restart NetLogon service..
 
0
 
LVL 13

Accepted Solution

by:
Felix Leven earned 2000 total points
ID: 35172975
sry,
First, run DCDiag on the problematic DC -- and save the output to a text file (/?) -- search the file for FAIL, ERROR, WARN and either fix those errors or report them.
 
DNS server(s) are correct configured by dhcp on the client?

 try to restart NetLogon service..

 
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question