Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Backup Domain Controller 1

Status
Not open for further replies.
Excalibur1701

Excalibur1701

MIS
Feb 14, 2003
99
US
We had a power outage, and our Primary Domain controller shut down. When power was restored, our PDC did not come up immediately because of a hardware issue.

Users were not able to log on our domain.

My question is this: Shouldn't the users be allowed to log on using our Backup Domain Controller? This server was up the entire time. Do you have to promote a BDC to be primary, in order to use it?

All servers are Windows Server 2003, SP1
 
Sort by date Sort by votes
Is your second DC a GC server? In Sites and Services, check to ensure both DC's are Global Catalog servers.

BTW, with 2000 and beyond, there are no more PDC's and BDC's.

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.
The poster formerly known as lander215
 
Upvote 0 Downvote
If you first DC has been lost and users can't authenticate, then you had lost your FSMO roles. In particular the PDC Emulator role which is important to the authentication process. If I understand correctly though, this server is back up again?

In cases where you lose the first DC in a domain/forest, you will need to seize the FSMO roles related to this. It sounds pretty serious (which it is) but it is quite strait forward.



A real important piece of information is that if you do seize these roles, the original server that managed these roles should probably not be recovered. It may be wise to restore it without a network cable connected and demote it via DCPromo to a member server and then connect the cable and DCPromo it to be a DC that does not hold the FSMO roles.

Good luck




"Assumption is the mother of all f#%kups!
 
Upvote 0 Downvote
Thanks for the suggestions.

Davetoo,

I looked at Sites and Services on our "backup" controller, and under the NTDS settings, there is not a check mark on the Global Catalog option. Do I need to click that? Our "primary" one has it checked.
 
Upvote 0 Downvote
Excalibur1701,
yes check the Global Catalog option for the "backup" DC. This should enable users to log in even if the server holding all FSMO roles is offline.

Check here for more info on FSMO roles


All you need in this life is ignorance and confidence; then success is sure.
- Mark Twain
 
Upvote 0 Downvote
Yes, enable your second DC as a GC. This way if/when you perform routine maintenance (i.e. reboot Tuesday from Microsoft), your users can still login/out while one of the DC's is down.

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.
The poster formerly known as lander215
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

goombawaho
  • Locked
  • Question
Domain join from wifi connected laptop
Replies
4
Views
1K
goombawaho
goombawaho
Teo En Ming
  • Locked
  • Question
Actions taken during Disaster Recovery for client whose IBM Megaraid controller has failed
Replies
2
Views
668
fightaccording
fightaccording
MattM1975
  • Locked
  • Question
Domain Admin Logon 1
Replies
2
Views
375
ADB100
ADB100
fredmartinmaine
  • Locked
  • Question
Domain Controller without DNS Server
Replies
4
Views
864
fredmartinmaine
fredmartinmaine
goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
961
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top