Solved

server 2012 -  2nd DC

Posted on 2015-02-11
7
70 Views
Last Modified: 2015-02-12
Hi All,
i have setup a 2nd DC for my environment as below:
I built the 2nd sever - then added the Roles ADDS & DNS - then promoted it to a DC - followed the steps to add it too a existing domain then followed the wizard all seems ok..  after this i have made sure replication works - also on DC1 within DHCP i have added the IP for DC2 in the DNS servers - is there anything else that needs to be done?? also does below look ok?  i dont need to add the DNS IP of DC2 in DC1 do i?
DC1:
IP: 192.168.1.2
Sub:255.255.255.0
gateway: 192.168.1.1
DNS: 192.168.1.2

DC2:
IP: 192.168.1.3
sub & gateway same as DC1
DNS Primary: 192.168.1.2
DNS secondary: 192.168.1.3
0
Comment
Question by:jag b
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 250 total points
ID: 40603489
You should have a secondary IP from another DNS server in the DNS settings on the domain controller. This will mitigate the island affect if something becomes wrong with the Domain Controller in question. Same goes for DC1, it should have DNS for DC2 as a secondary.

The only other thing i would suggest if you haven't already would be to setup DC2 as a Global Catalog server as well. This is done via Sites and Services.

Check replication and health using the following commands...
repadmin /replsum
repadmin /showprepl
repadmin /bridgeheads

netdom query dc
netdom query fsmo

dcdiag /v

Because you are using DSF-R for sysvol replication I would also recommend adding the DFS role on the domain controller from there you can run health reports against the domain controllers in your environment.

If all of the tests are successful you should be fine.

Will.
0
 

Author Comment

by:jag b
ID: 40603535
will - thanks for above..
I have now added the IP of DC2 to DC1 DNS as secondary DNS..
Global Catalog is ticked on both DC's under site&services NTDS Settings...

DFS role is this only on DC2?? (DFS replication under files and services?  whats the benefit of this and is it needed?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40603570
This is located under File Server, Distributed File System> check off DFS Replication. This allows you to run health reports, propegation tests and reports as well, from the DFS Management Console. I would recommend doing this as it is easy and useful info that is provided.

You can install this feature on both DC's.

Will.
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 

Author Comment

by:jag b
ID: 40603579
cheers mate - i havent used this before as we only have 1 file server...... nothing else needs to be done on DC2 does it?
if in the long run i wanted to get rid of DC1 can this be done? (im using a old server that has sever 2012)  or is this bad practice?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40603626
Yeah you dont want to install the DFS namespace feature just the management feature.

if in the long run i wanted to get rid of DC1 can this be done?

You can just demote the 2012 server in the future if needed and re-promote a new 2012R2 server.

Will.
0
 
LVL 22

Assisted Solution

by:Joseph Moody
Joseph Moody earned 250 total points
ID: 40603715
I would also recommend running the AD Best Practices Analyzer on your boxes. You can do this in Server Manager: http://deployhappiness.com/best-practice-analyzer-consulant-box/
0
 

Author Closing Comment

by:jag b
ID: 40605170
excellent advice
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question