
    Additional DC not functioning if the Primary DC is down !!

    • IT-ADMIN

      Now the DC2 is offline and I set a static IP to it and set DNS to point to itself (because it is offline).
      After I enter its IP, it shows online but gives me an error message.

      0_1455045931145_444444.png

      • IT-ADMIN @IT-ADMIN

        @IT-ADMIN 0_1455046058773_2016-02-09_222702.png

        • coliver @IT-ADMIN

          @IT-ADMIN said:

          @Dashrender said:

          With the working DC online, when you go to ADUC and look under the Domain Controllers OU, do you see both servers?

          Yeah, in DC1, I can see both DCs in the Domain Controllers OU.

          Can you switch to DC2 when DC1 is online?

          • JaredBusch

            The preferred DNS server of the network card in your domain controllers should always point to themselves. Well, assuming that you are using standard Windows DNS.

            The alternate should then be the other DC.

            On DC 1
            DNS Preferred: 127.0.0.1
            DNS Alternate: 192.168.1.XX <- IP of DC2

            On DC 2
            DNS Preferred: 127.0.0.1
            DNS Alternate: 192.168.1.XX <- IP of DC1

            • JaredBusch @Dashrender

              @Dashrender said:

              @IT-ADMIN said:

              @coliver said:

              What version of AD/Windows Server are you running?

              Both are Windows Server 2008 Enterprise R2.

              Wow - hefty licenses there.

              No, we already know that about his organization.

              • Dashrender @JaredBusch

                @JaredBusch said:

                The preferred DNS server of the network card in your domain controllers should always point to themselves. Well, assuming that you are using standard Windows DNS.

                The alternate should then be the other DC.

                On DC 1
                DNS Preferred: 127.0.0.1
                DNS Alternate: 192.168.1.XX <- IP of DC2

                On DC 2
                DNS Preferred: 127.0.0.1
                DNS Alternate: 192.168.1.XX <- IP of DC1

                I typically point to the other DC for my Preferred DNS, and myself second. This allows for faster booting, but I see reasons for either way.

                • IT-ADMIN

                  I'm so sorry for this delay, because it is midnight here. So do you think the DNS setting makes sense even if DC2 is offline?

                  • DenisKelley

                    Best explanation regarding this that I've seen. See Jay's response:
                    http://community.spiceworks.com/topic/post/4301599

                    • IT-ADMIN

                      Let us suppose that DC2 is offline and cannot see DC1 (which is the main reason I want to make DC2 for high availability): how does the DNS setting make any difference?

                      • Dashrender

                        Yes.

                        Let's assume DC2 is offline, but you want to see if you can run ADUC on DC2. When you run ADUC it uses DNS to try to open and fails.

                        But if you put in 127.0.0.1 as JB suggests, then it will still work, even with the network card unplugged.

                        • IT-ADMIN @Dashrender

                          @Dashrender said:

                          Yes.

                          Let's assume DC2 is offline, but you want to see if you can run ADUC on DC2. When you run ADUC it uses DNS to try to open and fails.

                          But if you put in 127.0.0.1 as JB suggests, then it will still work, even with the network card unplugged.

                          I tried that: I put the primary DNS as 127.0.0.1 but still cannot open ADUC.

                          • Dashrender

                            While you had both DCs on the network together, were you able to connect ADUC to DC2?

                            • IT-ADMIN

                              I have a question, please: do I have an issue or not? In other words, should DC1 (which has FSMO) be online in order for DC2 to work properly, or is that not a condition?

                              • IT-ADMIN @Dashrender

                                @Dashrender said:

                                While you had both DCs on the network together, were you able to connect ADUC to DC2?

                                I'm able to open ADUC in DC2 only if DC2 can see DC1; as soon as I unplug DC2 from the network I cannot open ADUC.
                                DC2 is kind of a mirror right now; it is useless, it is nothing without DC1.

                                • Dashrender @IT-ADMIN

                                  @IT-ADMIN said:

                                  I have a question, please: do I have an issue or not? In other words, should DC1 (which has FSMO) be online in order for DC2 to work properly, or is that not a condition?

                                  That is not a requirement.
                                  And because you are having problems when you turn off DC1, it appears that your DC2 is broken.

                                  • Dashrender @IT-ADMIN

                                    @IT-ADMIN said:

                                    @IT-ADMIN 0_1455046058773_2016-02-09_222702.png

                                    If possible, please show the above panel for DC1 next to DC2

                                    • IT-ADMIN @Dashrender

                                      @Dashrender said:

                                      @IT-ADMIN said:

                                      I have a question, please: do I have an issue or not? In other words, should DC1 (which has FSMO) be online in order for DC2 to work properly, or is that not a condition?

                                      That is not a requirement.
                                      And because you are having problems when you turn off DC1, it appears that your DC2 is broken.

                                      Ah, now I can see, so I have an issue here. Damn glad to know that, lol.

                                      • IT-ADMIN

                                        For the IP settings of DC1, unfortunately I'm home now, but I know its settings very well.

                                        DC1 :
                                        IP : 192.168.15.250
                                        Subnet: 255.255.255.0
                                        Gateway : 192.168.15.1

                                        P DNS : 192.168.15.250
                                        S DNS : 192.168.15.1

                                        • IT-ADMIN

                                          The 2 sites are connected via VPN.

                                          • Dashrender

                                            OK, a possible huge issue is that you are pointing your secondary DNS to x.x.x.1, which is your default gateway, and unless you're using a Domain Controller as a default gateway, that is a very bad idea.

                                            Windows machines should only ever point to your own DNS servers, more specifically, Windows DNS servers, assuming they are the backbone of your internal network.

                                            If you put something like Google's DNS (8.8.8.8) as a secondary and the machine flips over to using that DNS server, that computer will never find your domain again until it's forced to flip back, which will only happen on a reboot or a loss of internet connectivity.

                                            Assuming DC2 is
                                            IP 192.168.1.249
                                            Subnet 255.255.255.0
                                            DF 192.168.1.1
                                            DNS1 192.168.1.249
                                            DNS2 192.168.1.1 (change this to DC1 IP address)

                                            I wonder if your DNS is working on DC2.

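Added example, not part of any post in the thread: a PowerShell audit of the DNS client rule discussed above (a DC's NIC lists only itself and the other DC), followed by a check that the local DNS service answers the domain's DC locator SRV record. The DC1 address is the one IT-ADMIN posted and the DC2 address is the one Dashrender assumed; the domain name `corp.example` is a placeholder.

```powershell
# Added example: audit DNS client settings on a domain controller.
# Uses only WMI and nslookup.exe so it runs under PowerShell 2.0 (Server 2008 R2).

# Assumptions: DC1's address is the one IT-ADMIN posted; DC2's is the one
# Dashrender assumed. The domain name is a placeholder, not from the thread.
$DcAddresses = @('192.168.15.250', '192.168.1.249')
$Domain      = 'corp.example'

# A DC may list itself (by loopback or its own IP) and the other DC, nothing else.
$allowed = $DcAddresses + '127.0.0.1'

$nics = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE'
foreach ($nic in $nics) {
    # PowerShell 2.0 runs a foreach body once for $null, so guard explicitly.
    if (-not $nic.DNSServerSearchOrder) {
        Write-Output ("{0}: no DNS servers configured" -f $nic.Description)
        continue
    }
    foreach ($server in $nic.DNSServerSearchOrder) {
        if ($allowed -contains $server) {
            $verdict = 'OK (domain controller)'
        } else {
            $verdict = 'NOT A DC (gateway or public resolver?): replace with the other DC'
        }
        Write-Output ("{0}: {1} -> {2}" -f $nic.Description, $server, $verdict)
    }
}

# Ask the DNS service on this machine for the DC locator SRV records.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"
$answer  = & nslookup.exe -type=SRV $srvName 127.0.0.1 2>&1 | Out-String
if ($answer -match 'svr hostname') {
    Write-Output "Local DNS answers $srvName"
} else {
    Write-Output "Local DNS did not return $srvName; run 'dcdiag /test:dns' next"
}
```

Run it locally on each DC, once with both DCs online and once with the other DC unreachable, and compare the output.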