Solved

Active directory

Posted on 2014-04-24
4
187 Views
Last Modified: 2014-04-24
Hi all ,
I have two dc's 2008 std and one of them holding the all 5 fsmo rules
Dc1 fsmo
Dc2

Yesterday dc1 went down and users could still login to the system.
1. How long can users login after dc goes down?

I went over the internet and there is no really straight foreword explanation.
0
Comment
Question by:Moti Mashiah
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 167 total points
ID: 40019859
As long as DC2 is up they should be able to logon.   DC2 in this case is also a GC and I'm assuming has DNS.

The FSMO roles don't affect logins.

If DC1 is down longer than the Tombstone Lifetime then you will have some cleanup work to do.

Thanks

Mike
0
 
LVL 30

Assisted Solution

by:Rich Weissler
Rich Weissler earned 167 total points
ID: 40019870
If I understand the question, you're asking how long after DC1 goes down can users continue to log into the domain, assuming DC2 stays up?
DC1 has all the FSMO roles, but I assume DNS and Global Catalogs are on each of the two servers.  (Or, if not, if there were only a single global catalog, it shouldn't be in DC1 anyway.)

There is nothing about the situation that would prevent users from logging in.  I don't want to say, 'forever'... because there would eventually be other problems, but this is one of the primary reasons to have more than one DC in an environment... so users can continue to log in to the domain.
0
 
LVL 9

Assisted Solution

by:Red-King
Red-King earned 166 total points
ID: 40019899
I recall that a DC will 'tombstone' in AD after 2 weeks.
You can forcefully have DC2 assume/seize the FSMO roles.
See the following MS article
http://support.microsoft.com/kb/255504

Rory
0
 
LVL 1

Author Closing Comment

by:Moti Mashiah
ID: 40019919
Was really helpful thank you very much.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question