Re: Multi homed DC

In news:69729d41-9c83-47f8-ab8c-6f22745cb727@xxxxxxxxxxxxxxxxxxxxxxxxxxxx,
Thomas <familienkragh@xxxxxxxxx> typed:
Yeah I read all the warnings after I tried this.. Now I suffer the
damage from it, and is trying to reverse what happened :(
Has a second network adapter really caused irreversible damage to the
domain controllers?

Not irreversible. However as Jorge said, it's usually problematic. Why is
it multihomed? Is it a router offering NAT or just connected to two
networks?

If connected to two networks, I would suggest to pick one of the networks
and jsut use that one, as you had been doing, and let the routers route the
traffic. If the NICs are the same models and teamable (depends on
manufacturer, their software and model #) , I would suggest to team the
NICs.

If it was being used as a router, I would suggest to get a Linksys or better
yet, a Cisco PIX to offer internet services and secured and firewalled NAT.

As far as the duplicate name that is possibly happening with NetBIOS or
browser errors, the DC that holds the PDC Emulator FSMO role will be the
machine that become the master browser. In your case, I assume it to be the
machine that you are referring to as tehe "PDC." I would suggest to check:
WINS for duplicate names (if using WINS). If you find it, delete the
offending IP.

Run:
nbtstat -c (see what is in the netbios cache). If it shows two scopes, I
would make sure the other NIC is disabled.
nbtstat -R (clears the cache - which I suggest).

If using WINS for DNS resolution (a setting in the zone properties in DNS),
I would find the duplicate name and IP and delete the offending one. I would
do this anyway even if not using WINS.

Also look for the "(same as parent) duplicate IP address and delete that
entry.

As well also look in _msdcs.gc folder. Delete the offending entry if in
there as well.

Note: The terms PDC and BDC are legacy NT4 terminology that do not apply to
AD domain controllers. AD DCs are 'replicas' and each offer different
services for the domain, one of which is to act like a PDC for an NT4 domain
in mixed mode, and if the domain levels are raised to Windows 2000 or
Windows 2003, it offers password synchronization, time sync, and other
services.

I assumed you are familiar with browstat.exe since you mentioned it. Take a
look at this interesting tool as well:
830578 - NBLookup.exe Command-Line Utility [works like nslookup, but for
NetBIOS names]:
http://support.microsoft.com/?id=830578

I hope that helps.

Ace



.

Relevant Pages

  • Re: Multi homed DC
    ... If connected to two networks, I would suggest to pick one of the networks ... the DC that holds the PDC Emulator FSMO role will be the ... WINS for duplicate names. ... I would find the duplicate name and IP and delete the offending one. ...
    (microsoft.public.windows.server.active_directory)
  • Prob w/ win 2K Networking
    ... Logon failure: The user has not been granted the requested ... Also, the PDC is unable to manage his computer, and cannot ... Microsoft Knowledge base article 249918 mentions this ... does not log into other networks, he does use a "Net Use" ...
    (microsoft.public.win2000.security)