Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Windows Server 2012 -- domain controller FAILOVER ?

Posted on 2014-12-10
6
Medium Priority
?
500 Views
Last Modified: 2014-12-23
My two 50-user locations are connected via
20MB fiber and each has ONE domain controller.

How can I setup so if an ON-SITE domain controller
is down it uses the REMOTE domain controller instead
or do I need two domain controllers at each location ?
0
Comment
Question by:finance_teacher
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 400 total points
ID: 40492255
Are you experiencing issues now?  It should just work.  Sites allow for "favored" authentication to a server but do not preclude authentication from other sites.
0
 
LVL 59

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 800 total points
ID: 40492262
As long as you've defined your sites in sites and services and clients have DNS settings pointing to DNS servers that are up, this will happen automatically. You don't need to make special changes.
0
 

Author Comment

by:finance_teacher
ID: 40492494
Currently each domain controller (one at each site)
also does DNS for the 50 users at each site.

Site #1 Example, 192.168.1.1
    ** Primary DNS Server = Site #1, 192.168.1.1
    ** Secondary DNS Server = Site #2, 192.168.2.1
----------------------------------------------------------------------------------------------------------------
What do you recommend since it seems like the below happens ?

  ** login to a computer @ site #1 using a NEW, non-cached account
  ** see that above Primary DNS Server & Secondary DNS Server are correct
  ** turn off Primary DNS Server
  ** login to a NEW computer @ site #1 using a NEW, non-cached account
  ** login as the CACHED user instead
  ** do PING
            ** 192.168.1.1 is down
            ** 192.168.2.1 is up

I was assuming login to a NEW computer @ site #1 using a NEW,
non-cached account would work since the backup, 192.168.2.1, is up
0
Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

 
LVL 10

Assisted Solution

by:Walter Padrón
Walter Padrón earned 800 total points
ID: 40492499
You must setup DNS properly.

In Site_A the primary DNS must be server DC_A and secondary DNS must be server DC_B
In Site_B the primary DNS must be server DC_B and secondary DNS must be server DC_A

DC = Domain Controller and i suppose DNS is installed there
0
 
LVL 59

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 800 total points
ID: 40492511
Logging I with both cached and new non-cached would work. The primary DNS server would be down either way so the secondary would be used to find DCs, and DCs would be contacted using site metrics until one responds. Cached credentials would only be used if all DCs or DNS servers failed to respond. As said previously, when set up properly, this "just works."
0
 
LVL 10

Accepted Solution

by:
Walter Padrón earned 800 total points
ID: 40492515
In Active Directory Sites and Services create two Sites and put one DC in each, create two Subnets one for each site and assign them to the proper Sites created before. After that authentication must succeed no matter the site where you logon.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question