Additional DC not functioning if the Primary DC is down !!
-
@Dashrender said:
@IT-ADMIN said:
@coliver said:
What version of AD/Windows Server are you running?
Both are Windows Server 2008 Enterprise R2
Wow - hefty licenses there.
No, we already know that about his organization.
-
@JaredBusch said:
The preferred DNS server of the network card in your domain controllers should always point to themselves. Well, assuming that you are using standard Windows DNS.
The alternate should then be the other DC.
On DC 1
DNS Preferred: 127.0.0.1
DNS Alternate: 192.168.1.XX <- IP of DC2
On DC 2
DNS Preferred: 127.0.0.1
DNS Alternate: 192.168.1.XX <- IP of DC1
I typically point to the other DC for my Preferred DNS, and myself second. This allows for faster booting, but I see reasons for either way.
-
I'm so sorry for this delay, it is midnight here. So do you think the DNS setting makes sense even if DC2 is offline??
-
Best explanation regarding this that I've seen. See Jay's response:
http://community.spiceworks.com/topic/post/4301599
-
Let us suppose that DC2 is offline and cannot see DC1 (which is the main reason I want to make DC2 for high availability): how does the DNS setting make any difference??
-
Yes.
Let's assume DC2 is offline, but you want to see if you can run ADUC on DC2. When you run ADUC it uses DNS to try to open and fails.
But if you put in 127.0.0.1 as JB suggests, then it will still work, even with the network card unplugged.
-
@Dashrender said:
Yes.
Let's assume DC2 is offline, but you want to see if you can run ADUC on DC2. When you run ADUC it uses DNS to try to open and fails.
But if you put in 127.0.0.1 as JB suggests, then it will still work, even with the network card unplugged.
I tried that, I put the primary DNS as 127.0.0.1 but still cannot open ADUC.
-
While you had both DCs on the network together, were you able to connect ADUC to DC2?
-
I have a question please: do I have an issue or not? In other words: does DC1 (which has FSMO) have to be online in order for DC2 to work properly, or is that not a condition???
-
@Dashrender said:
While you had both DCs on the network together, were you able to connect ADUC to DC2?
I'm able to open ADUC in DC2 only if DC2 can see DC1; as soon as I unplug DC2 from the network I cannot open ADUC.
DC2 is kind of a mirror right now, it is useless, it is nothing without DC1.
-
@IT-ADMIN said:
I have a question please: do I have an issue or not? In other words: does DC1 (which has FSMO) have to be online in order for DC2 to work properly, or is that not a condition???
That is not a requirement.
And because you are having problems when you turn off DC1, it appears that your DC2 is broken.
-
@Dashrender said:
@IT-ADMIN said:
I have a question please: do I have an issue or not? In other words: does DC1 (which has FSMO) have to be online in order for DC2 to work properly, or is that not a condition???
That is not a requirement.
And because you are having problems when you turn off DC1, it appears that your DC2 is broken.
Ah, now I can see, so I have an issue here, damn glad to know that lol
-
For the IP settings of DC1, unfortunately I'm home now, but I know its settings very well.
DC1 :
IP : 192.168.15.250
Subnet: 255.255.255.0
gateway : 192.168.15.1
P DNS : 192.168.15.250
S DNS : 192.168.15.1
-
The 2 sites are connected via VPN.
-
OK, a possible huge issue is that you are pointing your secondary DNS to x.x.x.1, which is your default gateway, and unless you're using a Domain Controller as a default gateway, that is a very bad idea.
Windows machines should only ever point to your own DNS servers, more specifically, Windows DNS servers, assuming they are the backbone of your internal network.
If you put something like Google's DNS (8.8.8.8) as a secondary and the machine flips over to using that DNS server, that computer will never find your domain again until it's forced to flip back, which will only happen on a reboot or a loss of internet connectivity.
Assuming DC2 is
IP 192.168.1.249
Subnet 255.255.255.0
DF 192.168.1.1
DNS1 192.168.1.249
DNS2 192.168.1.1 (change this to DC1 IP address)
I wonder if your DNS is working on DC2.
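
The rule in the post above (a domain controller's DNS entries should be Windows DNS servers only, never the default gateway) written as a check, in an added example that is not part of the original thread. `Test-DcDnsConfig` is a hypothetical helper name; the DC1 values are the ones posted above and the DC2 values are the ones the reply assumes.

```powershell
# Added example, not from the thread. Written to run on PowerShell 2.0 (Server 2008 R2).
# Test-DcDnsConfig is a hypothetical helper name, not a built-in cmdlet.
function Test-DcDnsConfig {
    param(
        [string]$Name,            # label for the report
        [string[]]$OwnIPs,        # IPv4 addresses bound to this DC
        [string[]]$DnsServers,    # DNS client search order, preferred first
        [string[]]$Gateways,      # default gateway(s) of this DC
        [string[]]$DomainDnsIPs   # IPs of every DC running Windows DNS
    )
    $self = @('127.0.0.1') + @($OwnIPs)
    $findings = @()

    # Every configured resolver must be this DC or another domain DNS server.
    foreach ($dns in $DnsServers) {
        if ($self -contains $dns -or $DomainDnsIPs -contains $dns) { continue }
        if ($Gateways -contains $dns) {
            $findings += "$dns is the default gateway, not a domain DNS server"
        } else {
            $findings += "$dns is not a domain DNS server"
        }
    }

    # The DC should be able to resolve the domain from its own DNS service ...
    if (-not ($DnsServers | Where-Object { $self -contains $_ })) {
        $findings += 'no entry points at this DC itself (127.0.0.1 or own IP)'
    }

    # ... and from at least one other DC, whichever order is preferred.
    $partners = @($DomainDnsIPs | Where-Object { $OwnIPs -notcontains $_ })
    if ($partners -and -not ($DnsServers | Where-Object { $partners -contains $_ })) {
        $findings += 'no entry points at another DC'
    }

    New-Object PSObject -Property @{
        Name = $Name; Pass = ($findings.Count -eq 0); Findings = $findings
    }
}

# Constructed input: DC1 as posted in the thread, DC2 as assumed in the reply.
$dcs = @('192.168.15.250', '192.168.1.249')
Test-DcDnsConfig -Name 'DC1' -OwnIPs '192.168.15.250' -Gateways '192.168.15.1' `
    -DnsServers '192.168.15.250', '192.168.15.1' -DomainDnsIPs $dcs
Test-DcDnsConfig -Name 'DC2' -OwnIPs '192.168.1.249' -Gateways '192.168.1.1' `
    -DnsServers '192.168.1.249', '192.168.1.1' -DomainDnsIPs $dcs
```

On a live DC the same inputs can be read from `Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled=True"` (properties `IPAddress`, `DefaultIPGateway` and `DNSServerSearchOrder`).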
-
While both servers are on the network, open the DNS applet. Like ADUC, switch to DC2. Check the DNS entries - are they there?
You can open another DNS applet and point it to DC1, then compare. They should be identical.
-
Also, while you're at it, open a command prompt on DC2 and run dcdiag
-
Sorry guys, it is 1.35 AM, I have to sleep now
to be continued ...
-
@IT-ADMIN said:
Sorry guys, it is 1.35 AM, I have to sleep now
to be continued ...
2:30 am here. Still going.