PDC related question ( Please try to explan me rather then sending me link)
Hi
I am learning windows 2008 ,
and I have 2 SErver (DC1 and DC2) and couple of computer
and I was watching a learning dvd
which is saying that :
if Primary domain controller (PDC) emulator master is down then it can be difficult to add computer or new user into DC2
ref:http://technet.microsoft.com/en-us/library/cc773108%28v=ws.10%29.aspx
so to testing .
I shuddown , DC1 ,
only DC2 is working
and I can see Error on DC2 when i go to check "Operation Master"
and its showing Error on DC1 (Please see the picture)
and also I have realized that DC2 is very slow when i try to traverse Active directory .
my question is :
when DC1 is down and DC2 is up :
still i can autheticaion user via DC2 , if i reboot a pc and i can authenticate user via DC".
so whats the problem ?
so why Primary domain controller (PDC) emulator master is so important ??
(2) when DC1 is going down, why DC2 is so slow (Specially when i try to traverse via AD??
thanks
pdc.gif
I am learning windows 2008 ,
and I have 2 SErver (DC1 and DC2) and couple of computer
and I was watching a learning dvd
which is saying that :
if Primary domain controller (PDC) emulator master is down then it can be difficult to add computer or new user into DC2
ref:http://technet.microsoft.com/en-us/library/cc773108%28v=ws.10%29.aspx
so to testing .
I shuddown , DC1 ,
only DC2 is working
and I can see Error on DC2 when i go to check "Operation Master"
and its showing Error on DC1 (Please see the picture)
and also I have realized that DC2 is very slow when i try to traverse Active directory .
my question is :
when DC1 is down and DC2 is up :
still i can autheticaion user via DC2 , if i reboot a pc and i can authenticate user via DC".
so whats the problem ?
so why Primary domain controller (PDC) emulator master is so important ??
(2) when DC1 is going down, why DC2 is so slow (Specially when i try to traverse via AD??
thanks
pdc.gif
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@mike .
sorry i did not meant that way!!
i have seen many people just sent some links from first page of google but i wanted to know more about it ...
from that link this comments
With the PDCE offline, users who have recently changed their passwords are more likely to get logon or access errors. They will also be more likely to stay locked out if using Account Lockout policies.
while DC1 is offline, I hae changed users password, but they dont get any authentication error .. so far
does it mean :
they will get or they might get or they might not ??
also :
why DC2 is so slow when i am traversing Active directory ?
sorry i did not meant that way!!
i have seen many people just sent some links from first page of google but i wanted to know more about it ...
from that link this comments
With the PDCE offline, users who have recently changed their passwords are more likely to get logon or access errors. They will also be more likely to stay locked out if using Account Lockout policies.
while DC1 is offline, I hae changed users password, but they dont get any authentication error .. so far
does it mean :
they will get or they might get or they might not ??
also :
why DC2 is so slow when i am traversing Active directory ?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok Suppose I have 3 DC,
Dc1 , Dc2 and DC3
I made Dc2 as PDC ( which job role is to keep all password uptodate in between 3 Domain controller)
Now Suppose Dc2 died(pdc)
now i create a user in DC1 or change password of a user in dc1 , will it be replicate to Dc3 ??
when there is not any PDC ???
or
do i have to change either Dc1 or dc2 as PDc then Password replication will work ??
Dc1 , Dc2 and DC3
I made Dc2 as PDC ( which job role is to keep all password uptodate in between 3 Domain controller)
Now Suppose Dc2 died(pdc)
now i create a user in DC1 or change password of a user in dc1 , will it be replicate to Dc3 ??
when there is not any PDC ???
or
do i have to change either Dc1 or dc2 as PDc then Password replication will work ??
Assuming all other services are running then Yes
ASKER
sorry which one is true ??
will it be replicate to DC3?? or not ??
will it be replicate to DC3?? or not ??
... something called KCC (knowledge consistency checker), works out how to best replicate AD, replication does not need to go from DC1 to DC2 and then to DC3, KCC will determine the best method.
If your PDC is going to be down for more than a day or two I'd transfer it first. In case of a sudden fail you would have to seize roles
@jmoody10...google reader, I star a lot of blog entries.
@jmoody10...google reader, I star a lot of blog entries.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
In an unrelated question - what RSS feeds do you subscribe to (if any)? You always seems to have a great article to go with any question.