Solved

Active Directory Logon Question

Posted on 2013-01-10
3
273 Views
Last Modified: 2013-01-24
Have a general question about Active Directory Logon.   We have a WIndows 2008 server acting as domain controler.   Also have another 2008 server running active directory services as well.  I can see that some computers when they logon are logging on to our domain via the 1st server (primary I call it) and some onto our secondary.   My question is that sometimes when we do updates and restart our primary server some users need to logoff and log back on during that time.   Because of that restart (and the fact that they were logged on via the primary) is that why they are having to logoff/logon?   Or should it be a more seamless transition and perhaps something isn't set quite right?   If that is the way it should work I am fine with it, just want to make sure.
Thanks!
0
Comment
Question by:BCHCAdmin
3 Comments
 
LVL 16

Assisted Solution

by:uescomp
uescomp earned 100 total points
ID: 38764407
Yes because the accounts authenticate to the AD server, if that server goes down they will probably get prompt for a username and password but will not be able to authenticate because AD is down so it does not know what to do, a simple log off and login fixes it because the user account reauthenticates to the server.

I assume you have 2 domain controllers and they might not be in sync or DHCP is not configured correctly in which Primary DNS should point to your primary domain controller and then Secondary DNS should point to your 2nd domain controller.  If the primary goes down users should be unaffected (maybe a little bit of lag but not noticable) because the system should fail-over to the 2nd domain controller according to DNS.
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 150 total points
ID: 38764410
Are clients pointing to both for DNS?   Are both DCs Global Catalogs?  

They should failover to the other DC, see this blog from Florian

http://www.frickelsoft.net/blog/?p=278

Thanks

Mike
0
 

Author Comment

by:BCHCAdmin
ID: 38775077
mkline71,
Our DHCP server had not been updated with the DNS for our second domain controller so I changed that.    It was pointing to an old DC for secondary DNS.  

Both machines are global catalogs.  

Do you think the DNS secondary server not being correct may have been playing a part in this?
Thanks
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

If you migrate a Terminal Server licenses server inside the 2008 server family, you can takte advantage of the build-in migration tool. If you like to migrate an older 2003 Server (and the installed client CALs) to a 2008 R2 server for example, you …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now