Re: DC replacement
- From: "Herb Martin" <news@xxxxxxxxxxxxxx>
- Date: Wed, 12 Apr 2006 11:09:21 -0500
"JimyJohn" <JimyJohn@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:24A65B97-318E-4657-8E39-DAD539EDFCEE@xxxxxxxxxxxxxxxx
Herb, thanks for your reply!
Yes there are two DCs and we only need to replace one. The concern is that
when we shut off one of the DCs and the client recieving, say tickets from
that server will error instead of just finding the other DC. I assumed
that
is how it would work, failing over automaticaly, but my friend suggested
that
in his experience clients connected to the shut off server would error
and
require re-logon.
No, likely he has had experience with malfunctioning
DCs which is usually due to DNS problems so that when
one goes down the other isn't really usable.
Even under NT (long before Kerberos tickets) the client
machines would switch over to another DC.
As for replacement plan I thought we could just create a new DC and join
it
into the Forrest/Domain. ASR would work too but thought that was more of a
DR
tool.
A lot of people underestimate the uses of ASR -- it and
"REPAIR installs" are among the best kept OPEN 'secrets'
for recovering, moving, and salvaging Windows machines.
My impression is that you just wanted to replace hardware
with the least network disturbance.
If the DC doesn't do anything else significant you can just
add the other DC as you plan.
Generally, I would do that first -- then remove the departing
one.
Also make sure the departing DC is not taking your (only)GC,
FSMO roles, or a DNS server on which the clients depend.
(Also WINS server fits in here.)
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
Thanks again.
Regards, John
"Herb Martin" wrote:
"JimyJohn" <JimyJohn@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:DFD9111D-4078-425A-89E8-B8AFF285169E@xxxxxxxxxxxxxxxx
We are to replace the hardward under a 2003 Domain controller.
I think it is in a 2003 forrest and domain. single office, no sites.
There are 2 DCs plus third on a VM.
A friend told me that to replace a DCs would cause logged on users to
get
errors and have to re-logon. Is that true?
It would be nice to make this transparent to Users.
Do you have other DCs online and available (locally)
so that this DC can just be stopped normally?
Authentication will proceed (ticket renews and such too)
with another DC if this one goes down.
If true, is there a way to have a DC stop accepting new logons so this
DC
may be phased out? Possibly a utility to show the what logons a DC is
maintaining currently?
Client machines are designed to find another DC when
their "secure channel" DC disappears. IF this were not
true you would have trouble every time you rebooted a
DC.
Any help would be very much appreiciated.
How are you going to do the transfer?
(ASR might help.)
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
Regards, John
.
- Follow-Ups:
- Re: DC replacement
- From: JimyJohn
- Re: DC replacement
- References:
- Re: DC replacement
- From: Herb Martin
- Re: DC replacement
- From: JimyJohn
- Re: DC replacement
- Prev by Date: Re: should a dhcp server also be a DC or DNS?
- Next by Date: Re: Adding a 2003R2 x64 DC to an existing 2003 x32 DC
- Previous by thread: Re: DC replacement
- Next by thread: Re: DC replacement
- Index(es):
Relevant Pages
|
