Solved

Active directory

Posted on 2014-04-24
4
184 Views
Last Modified: 2014-04-24
Hi all ,
I have two dc's 2008 std and one of them holding the all 5 fsmo rules
Dc1 fsmo
Dc2

Yesterday dc1 went down and users could still login to the system.
1. How long can users login after dc goes down?

I went over the internet and there is no really straight foreword explanation.
0
Comment
Question by:Moti Mashiah
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 167 total points
Comment Utility
As long as DC2 is up they should be able to logon.   DC2 in this case is also a GC and I'm assuming has DNS.

The FSMO roles don't affect logins.

If DC1 is down longer than the Tombstone Lifetime then you will have some cleanup work to do.

Thanks

Mike
0
 
LVL 29

Assisted Solution

by:Rich Weissler
Rich Weissler earned 167 total points
Comment Utility
If I understand the question, you're asking how long after DC1 goes down can users continue to log into the domain, assuming DC2 stays up?
DC1 has all the FSMO roles, but I assume DNS and Global Catalogs are on each of the two servers.  (Or, if not, if there were only a single global catalog, it shouldn't be in DC1 anyway.)

There is nothing about the situation that would prevent users from logging in.  I don't want to say, 'forever'... because there would eventually be other problems, but this is one of the primary reasons to have more than one DC in an environment... so users can continue to log in to the domain.
0
 
LVL 9

Assisted Solution

by:Red-King
Red-King earned 166 total points
Comment Utility
I recall that a DC will 'tombstone' in AD after 2 weeks.
You can forcefully have DC2 assume/seize the FSMO roles.
See the following MS article
http://support.microsoft.com/kb/255504

Rory
0
 
LVL 1

Author Closing Comment

by:Moti Mashiah
Comment Utility
Was really helpful thank you very much.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I'm sure that every Windows systems administrator has written, or at least used, a batch or VBS login script at some point in their career, whether it is to map network drives, install printers, or set some user preferences.  No more! With Window…
Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now