Solved

secondary domain controller

Posted on 2014-09-05
16
305 Views
Last Modified: 2014-09-09
i have domain controller DC with windows server 2012
i want to add secondary
i did adding additional based on the following article
http://kpytko.pl/2012/09/07/adding-additional-domain-controller-windows-server-2012/

now if i tried to to join some computer to domain i will give error
and if i ping the domain it give the IP for the new DC which i need it as secondary only?!??!?
any suggestion?
 how can i solve this and how can i add secondary domain controller i have network of 30 clients
0
Comment
Question by:Sawyer
  • 6
  • 4
  • 3
  • +2
16 Comments
 
LVL 14

Expert Comment

by:Brad Groux
ID: 40306317
I'm sorry but I don't fully understand your question.

- At what point in the domain controller promotion process does it fail?
- What error does it give you when it fails?

Also, I don't understand your "ping" comment. Both domain controllers should have different yet dedicated IP addresses within the same subnet.
0
 

Author Comment

by:Sawyer
ID: 40306336
i tried to join new client to the domain and it gave error
The operation failed because:
The attempt to join this computer to the “windowslab.local” domain failed.
“The request is not supported.”


and about ping i mean
my domain name is domain.com
DC1 172.16.1.1
DC2 the new one is 172.16.1.2
when i use cmd to ping  domain.com it gave 172.16.1.2 where before it was gave the ip of 172.16.1.1

any suggestion
if you state to me how to manage to have a secondary DC? should i enable or disable some roleS? should i have DNS also in the secondary DC, and should it have the role of Global Cataloge also or not??
0
 
LVL 14

Expert Comment

by:Brad Groux
ID: 40306352
Having DNS on all DCs is optional (but generally recommended). When you ping the domain from a client, DNS gives priority to local subnet domain controllers, and since both domain controllers are on the same subnet - the one that replies first responds. Both can be available, and clients will contact each at various times. Active Directory is "distributive" and the KCC (Knowledge Consistency Checker) within AD is smart enough to make those routing decisions for the clients automatically.

As far as the client failing to join the domain, why are you trying to join it to windowslab.local when you have said that your domain name is domain.com? Try joining it to domain.com.
0
 

Expert Comment

by:iamalexcohen
ID: 40306362
What edition of Windows Server are you running? Type ver from a cmd prompt and supply the output please
0
 

Author Comment

by:Sawyer
ID: 40306384
windows server 2012 datacenter
0
 

Author Comment

by:Sawyer
ID: 40306389
windows server 2012 r2 datacenter
0
 
LVL 1

Accepted Solution

by:
HospitalITGuy earned 300 total points
ID: 40306535
Go into the network properties of the computer you're trying to join.
ncpa.cpl >properties >

Disable ipv6 protocol and manually configure your DNS server.
Then try joining to the domain again.

Domain
0
 

Expert Comment

by:iamalexcohen
ID: 40306583
Are you entering the IP address of the primary DC/DNS server in the TCP/IP properties? Make sure the server is not pointing to itself
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Expert Comment

by:iamalexcohen
ID: 40306589
If it is pointing to the right location, please provide at what step you are getting the error -- and the actual error...either by screen shot or copy and paste the actual text from the logs.
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40306944
Can you post screenshots of the process you're going through to promote the second DC and to join a client to the domain?

On the secondary server that you're trying to promote you need to set its DNS server address to the primary DC only.  You should not use any other IP address, especially the secondary server's own IP or its loopback - it's not a DNS server yet.  Also, for troubleshooting purposes turn the firewall off at both servers.

I wouldn't usually advise to disable IPv6.  Microsoft suggest leaving IPv6 enabled on all interfaces.
0
 

Author Comment

by:Sawyer
ID: 40307318
should i add the server to domain before adding it as secondayr DC or not?!
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40307414
No you don't need to join the server as a member server before you promote it.
0
 

Author Comment

by:Sawyer
ID: 40307799
iamalexcohen
i remove the dns from the secondayr DC; it was pointing to 127.0.0.1 and i think the problem solved after that
thank you

craigbeck
the thing that when i did the setup i already join the server to domain then i promote it as secondary dc; now it works fine but should i re do this installation again ???
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 200 total points
ID: 40307837
If it was a member server its fine. The point I was making is that it doesn't have to be for it to be promoted to a DC.
0
 

Expert Comment

by:iamalexcohen
ID: 40309183
Although 'craigbeck' is absolutely correct -- I recommend that you first join the domain. Just as a test to make sure your DNS and network settings are correct. Please let us know if you have been able to join the domain and/or promote your DC.
0
 

Author Comment

by:Sawyer
ID: 40312058
yes its solved
the cause for the issue that the DNS in the additional domain controller was 127.0.0.1
thats all

thanks for you everybody
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now