AD Redundancy

M

MStrider

Ok, here's the scenario

I have 4 Win2k DC's, 2 on one site and 2 on the other.

The sites are connected by a 256k Kilostream Leased Line

I have made each server a GCS, and each server is a DNS server.

DHCP is taking care of without reliance on the above servers.

Exchange 2000 standard resides on one of the servers, which is also the
First DC.


I am trying to achieve redundancy, so that if any of the DC's go, even the
first one, AD will continue to function correctly, and I can add another
Server and DCpromo it.

I appreciate that there is no redundancy for Exchange, but in the event of
failure, I would install it on another DC.


Any tips on redundancy gratefully appreciated.
 
S

Simon Geary

From an AD point of view you seem to have everything covered. So long as
clients are registered to use more than one DNS server they will still be
able to contact a DC if one failed. If clients are registered with all 4 DNS
servers they will be able to log on even if three of them fail. Just bear in
mind your FSMO roles that may need to be seized if they fail permanently.
The PDC Emulator role is the only one that should be seized as soon as the
holder fails. The other roles can wait until the server is repaired.
 
M

MStrider

thanks for that

I clearly need to learn about FSMO roles.

regarding PDC emulator - if I have no pre 2k machines, then this is not
needed?

how do I tell a DC it is the PDC emulator?

any tips on where I can learn and understand FSMO? I read up on GC's, but
FSMO is something that I honestly know little about.
 
E

Enkidu

The roles are always there. All five roles are assigned during the
process of building a Domain/Tree/Forest, automatically. You only have
to worry about them when you need to move them or have a failed server
that holds a FSMO role. There are guidelines as to the best
positioning of the roles, but unless you have a large and active AD
setup, it's not likely to matter much.

They can be moved by using the usual AD admin tools.

Here's a summary (watch the line wrap)

http://www.microsoft.com/resources/...tion/IIS/6/all/proddocs/en-us/sag_ADFSMOs.asp

or http://tinyurl.com/2emf4

The PDC Emulator is still required in a native mode Domain. One of the
things that it is required for is as the master time source and it
also preferentially receives certain security related updates, such as
password changes.

Cheers,

Cliff

{MVP - Directory Services}
 
M

MStrider

thanks!


Enkidu said:
The roles are always there. All five roles are assigned during the
process of building a Domain/Tree/Forest, automatically. You only have
to worry about them when you need to move them or have a failed server
that holds a FSMO role. There are guidelines as to the best
positioning of the roles, but unless you have a large and active AD
setup, it's not likely to matter much.

They can be moved by using the usual AD admin tools.

Here's a summary (watch the line wrap)

http://www.microsoft.com/resources/...tion/IIS/6/all/proddocs/en-us/sag_ADFSMOs.asp

or http://tinyurl.com/2emf4

The PDC Emulator is still required in a native mode Domain. One of the
things that it is required for is as the master time source and it
also preferentially receives certain security related updates, such as
password changes.

Cheers,

Cliff

{MVP - Directory Services}
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

IM on GCS 5
Failed Domain Controller 1
restoring AD 1
MS Access Avoiding redundancy 1
AD Redundancy - Domain Controller redundancy 4
Replicate AD to remote server? 1
AD Replication 2
Windows 2000 Domain with Windows 2003 DC's?? 6

Top