Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Active Directory Logon Question

Posted on 2013-01-10
3
Medium Priority
?
281 Views
Last Modified: 2013-01-24
Have a general question about Active Directory Logon.   We have a WIndows 2008 server acting as domain controler.   Also have another 2008 server running active directory services as well.  I can see that some computers when they logon are logging on to our domain via the 1st server (primary I call it) and some onto our secondary.   My question is that sometimes when we do updates and restart our primary server some users need to logoff and log back on during that time.   Because of that restart (and the fact that they were logged on via the primary) is that why they are having to logoff/logon?   Or should it be a more seamless transition and perhaps something isn't set quite right?   If that is the way it should work I am fine with it, just want to make sure.
Thanks!
0
Comment
Question by:BCHCAdmin
3 Comments
 
LVL 16

Assisted Solution

by:uescomp
uescomp earned 400 total points
ID: 38764407
Yes because the accounts authenticate to the AD server, if that server goes down they will probably get prompt for a username and password but will not be able to authenticate because AD is down so it does not know what to do, a simple log off and login fixes it because the user account reauthenticates to the server.

I assume you have 2 domain controllers and they might not be in sync or DHCP is not configured correctly in which Primary DNS should point to your primary domain controller and then Secondary DNS should point to your 2nd domain controller.  If the primary goes down users should be unaffected (maybe a little bit of lag but not noticable) because the system should fail-over to the 2nd domain controller according to DNS.
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 600 total points
ID: 38764410
Are clients pointing to both for DNS?   Are both DCs Global Catalogs?  

They should failover to the other DC, see this blog from Florian

http://www.frickelsoft.net/blog/?p=278

Thanks

Mike
0
 

Author Comment

by:BCHCAdmin
ID: 38775077
mkline71,
Our DHCP server had not been updated with the DNS for our second domain controller so I changed that.    It was pointing to an old DC for secondary DNS.  

Both machines are global catalogs.  

Do you think the DNS secondary server not being correct may have been playing a part in this?
Thanks
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question