Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Domain Replicas/Best Practice

Status
Not open for further replies.
Jomercat

Jomercat

Programmer
Joined
Sep 1, 2004
Messages
100
Location
US
Hi all,

This is my first post here and I hope that I get some help.
I have three Windows 2000 Servers, two are in the same building and are configured as Master Domain and Replica Domain. I need to configure the third server, which is located in a remote location as a Domain Replica. The reason for this is that I do not want the remote stations to loose acces to local resources when our T1 goes down. Could anybody suggest what would be the best aproach for this situation?

Thanks in advance.

Jose.
 
Sort by date Sort by votes
What do you mean by Master Domain, Replica Domain and Domain Replica?

Are these domain controllers? Are they all in the same domain?
 
Upvote 0 Downvote
mlichstein,

Thanks for your reply!!

Yes in Windows 2000, as far as I know Microsoft calls Master Domain what used to be called PDC(Primary Domain Controller) in Windows NT and Domain Replica what used to be called BDC(Backup Domain Controller) in Windows NT.

Yes, they are all part of the same domain.

Thanks.

Jose.
 
Upvote 0 Downvote
It is recommended to have a domain controller in every site. This way, when the WAN connectivity is lost, the local DC will continue to authenticate the users to the domain.

Seeing that you already have connectivity from your remote location to your existing main office, you would only need to do the following:

1) ship new server to remote office
2) build this server as Windows 2000
3) install same version of service packs and hotfixes on this new machine
4) run DCPROMO to promote this server to domain controller
5) go into AD Sites and Services and create new AD SITE for this remote location. Do this by adding the subnets that the remote site has. Then related these subnets to a SITE. Next move the domain controller of this site into the new AD Site.
6) Install the DNS service on the new server.
7) Install the WINS service on the new server. ( if needed)
8) install the DHCP service on the new server.(if needed)
9) install any additional services that you need for this local site)
10) modify the DHCP scopes to include both DNS servers, WINS servers, etc. This adds redundancy to your network.
11) In DNS, make sure that your configure the forwarders in DNS to your ISP DNS servers.

-later


Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
Thanks guys!!!

I already did everything Jpoandl mentions; however, when I try to replicate the Active directory I receive an error message.

My network is configured with a Master Domain and a Domain replica in one bulding and a Domain Replica at the Remote location.

Thanks.
 
Upvote 0 Downvote
We need the exact error message and where you are seeing the error message.

A better way to to replication is to create a test user account oon one DC. Wait and check to see if the account becomes visable on the remote DC. Do this test in both directions...

-later

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
The error says "The following error occurred during the attempt to contact the domain controllers. The RPC server is unavailable"

Again, this only happens when I try to manually replicate.
It seems to be replicating fine on the scheduled basis.

Thanks.
 
Upvote 0 Downvote
Upvote 0 Downvote
rpc server is not available is a problem

it indicates DNS lookup failures for the most part (95% of the time)
What happens on dcpromo (and for replication) is that the new server opens the endpoint mapper on port 135, after this mapper is opened, it attempts to bind to a DC using ports 1024-5000 (any in that range) to start the process. If it cannot send a packet with these ports, that error occurs...check out 179442 (the windows 2000 section). Where it says port 1024-65539 (or whatever..) ignroe that part because it is actually 1024-5000.

Normally these errors occur in replication due to closed ports on the firewalls and/r routers. 179442 will tell you what ports to open...make sure you open them both ways

AD replication is a total nother beast. Just because AD replication works does not mean FRS works.

damn working at microsoft had its advantages :)
 
Upvote 0 Downvote
ADgod,

Thanks for your advice!! I will take a look into our routers and firewall. That might be my problem.

Thanks.

Jose.
 
Upvote 0 Downvote
on a DC, install the support tools and run repadmin /showreps

if it gives an rpc server is unavailable message too, most likely that is your issue (firewall)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

goombawaho
  • Locked
  • Question Question
Domain join from wifi connected laptop
Replies
4
Views
1K
goombawaho
goombawaho
MattM1975
  • Locked
  • Question Question
Domain Admin Logon
Replies
2
Views
563
ADB100
ADB100
fredmartinmaine
  • Locked
  • Question Question
Domain Controller without DNS Server
Replies
4
Views
1K
fredmartinmaine
fredmartinmaine
maybeimaleo
  • Locked
  • Question Question
Is There a Best Windows OS to Upgrade a CA Server to?
Replies
5
Views
652
maybeimaleo
maybeimaleo
froggy8
  • Locked
  • Question Question
cant add my windows 7 pc to my domain
Replies
3
Views
475
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top