General discussion


Secondary DC's dont work?

By keith ·
Have a Win2k domain with the master DC and 2 others for backup DC roles. As a test I dropped the master DC to see if the other 2 would pick up as they should, well they didnt at all. Everything from email (exchange 2003) to login\internet access was dropped until I rebooted the primary DC.

I researched the web (technet, etc) for any whitepapers on this but didnt see anything specifically... any ideas?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by adembo In reply to Secondary DC's dont work?

First of all, I guess I dont understand what you mean about master DC. There is no such thing as primary and backup DC, as were the case in NT. You are referring to an Active Directory domain, correct? If so, and you are getting the problem you say, you dont have replication occuring the way it should. Do you have sites created, and if so, do you have the site link bridges configured properly?

I think you need to give us a little more detail about your schema and the way you have things setup.

Collapse -

by adembo In reply to

Can you see all of your users accounts on all of the other Domain Controllers?

I would definately check to make sure that the clients have one of the other servers as a DNS server. Are you using DHCP? If so, how are you assinging your DNS?

9 times out of 10 its a DNS problem in a situation like this.

Hope this helps. Good Luck.

Collapse -

by keith In reply to Secondary DC's dont work?

Let me expand on what I mean, based on the reply i got.

I realize with win2k\2003 that PDC\BDC's are no longer, but here locally we wanted protection against the DC hardware crashing (or some other catastrophic event with the dc) so we brought up more then 1 DC. I wasnt sure what to call them and in our IT classes they were referred to as "master DC" and "secondary DCs", for lack of better terms.

I was thinking it was a replication issue and I realise its hard (impossible usually) to troubleshoot this type of thing this way, but just wanted some ideas so I shall go the replication route as originally planned.

If anyone has run across this before and feels like sharing the results feel free.

Collapse -

by CG IT In reply to Secondary DC's dont work?

All DCs within a domain do not automatically pickup the the Global Catalog role [A global catalog server allows users to log into the domain]. All DCs within a domain do not automatically assume all the roles that are automatically assigned to the first DC at the root of the domain.

Collapse -

by CG IT In reply to
Collapse -

by p.j.hutchison In reply to Secondary DC's dont work?

In Windows 2000 and 2003, all DCs have r/w copies of the directory database. The only things that cannot be shared are the FSMO roles:
1. Schema Master
2. PDC Emulator
3. Domain Master
4. Infrastructure Master
5. RID Master

By default, these roles are on the first DC you build. Since you turned off the first DC, you may have turned off all the FSMO roles as well and the domain stopped working. You can move the roles to other servers to distribute them.

You can also disable/enable Global Catalog feature, usually you can enable it on all DCs.

Collapse -

by hitchcock4 In reply to Secondary DC's dont work?

I agree with "CG IT": for the Exchange problems you are experiencing, it is because there was no other Global Catalog present at the time. You can make other DCs into a GC (but I would not do that to all DCs).

Also: do you have just 1 DNS server, or are you using 2 or 3 DNS servers? I recommend 2. If you turn off the DC which is also the only DNS server, then that could cause more issues.

Make sure that at least other DC is also a DNS server.

Related Discussions

Related Forums