Re: Multiple Domain Controllers -- who takes over if one is down?

From: Oscar (
Date: 10/18/04

Date: Mon, 18 Oct 2004 13:36:31 -0700

Thanks Mike for your answer. I answered all of your questions below. I
specifically had a new question based on one of your points...

You said:
....If domain controller fails client may need to reboot their computer...

We know this is the case right now and it works, so if a client reports
loss of connectivity they can reboot and the issue is solved. However
is there a way to have the domain, servers or client handle this event
on their own without having the user reboot? In other words, is there a
way to have the user "never know" that one of the DCs is unavailable?

Miha Pihler wrote:
> Hi Oscar,
> How are your domain controllers configured?
> * Make sure that you have at least two servers with global catalogs role
> assigned. If only one is assigned this role and this server goes down, users
> won't be able to logon.

> * Are all 3 of your server DNS servers? If you only have one server
> configured as DNS server and it fails, users won't be able to locate other
> servers since they use DNS service (to e.g locate global catalogs in
> domain)...

--- dc01 - schema master, dnaming master, pdc emulator, infrastructure
master - global catalogs
--- dc02 - dhcp, dns & master browser - global catalogs
--- ad3 - certificate services, dns & dhcp

> How are your clients configured?
> * Do they have one or more DNS servers configured under TCP/IP properties?
> If they have and this server that is listed as DNS server under TCP/IP
> properties fails, clients won't be able to look for other global catalogs in
> domain.

--- client systems do know about both dc01 and dc02.

> If domain controller fails client may need to reboot their computer. To find
> out which domain controller authenticated the client use this command
> echo %logonserver%
> Even with normal operation of your domain controllers clients should use
> different domain controllers...

--- what do you mean by "should" we looked at 6 or so clients and they
are authenticating to one or the other -- I assume as they are available.

> Mike
> "Oscar" <> wrote in message
> news:eTh9FzUtEHA.2196@TK2MSFTNGP14.phx.gbl...
>>Hello and thanks in advance to anyone that can help me.
>>Here's the scenario I'm refering to in my question.
>>1 Domain (2000 Native, migrated from NT4.0)
>>DC01 - Domain controller 1 - this is running the PDC emmulator (for
> NT4.0)
>>DC02 - Domain controller 2
>>DC03 - Domain controller 3 - Also doing Certificate Services
>>EX01 - Exchange 2000
>>EX02 - Exchange 2000
>>How can we ensure that if DC01 goes down users authenticated against it
>>do not loose connectivity/authentication? For example, one of our DCs
>>went down last night (specifically DC01). And this caused some people to
>>not be able to send email.
>>We thought that the DCs were redundant to where if one went down the
>>other 2 or at least one would "pick up the slack" and this process would
>>be transparent to the user.
>>I can answer any other questions you may need answers to so I you can
>>help me with this.
>>Can anyone point me in the right direction? I've looked around MS but
>>didnt find information on this, maybe I wasn't looking for the right
>>terms or I was looking in the wrong place. I also didn't find a more
>>appropriate group to post this on. Your help is greatly appreciated.
>>thank you.

Relevant Pages

  • Re: Client performance problem windows 2003 server...
    ... there and install an english client to be doing the errorsearching on. ... to the Windows 2000 server in site A that is a English ... >>be a DNS replication issue. ... >>results from not having a domain controller in a particular site. ...
  • Site-tosite VPN Issue
    ... Windows Server 2003 domain controller ... Mixture of PCs running Windows 2000 Profressional with SP3 and Windows XP ... the VPN to the Windows Server 2003 domain controller. ... 12.7MB file from the server to the client PC. ...
  • Re: Kerberos Error Message
    ... the domain controller which you reboot to alleviate the problem? ... > I know for certain there is no time difference between client and server. ... >> A good resource for troubleshooting Kerberos errors is the relatively new ...
  • Re: SAMR Communication between Client and Server
    ... The client and server were two separate virtual machines. ... I have setup a virtual machine of Windows NT 4 Server as a ... joined with this domain controller). ...
  • Re: Find GC in current domain
    ... On May 1, 10:16 pm, Magnus R ... What I am trying to do is found out what serverare Global Catalogs ... I never did such thing but i know enought that the domain controller ... drive of that server and get info from the GAL. ...