Second domain controller

G

Guest

I recently added a second domain controller to my active directory. Two days
later I brought down the (PDC). Users were not able to authenticate to the
other domain controller...does anyone know why?
 
H

Harj

Hi,

Well, are these clients pointed to the old PDC as their primary DNS
server?
If so how are they going to get to the new server with the DNS server
off?


Harj Singh
"Power Your Active Directory Investment"
www.specopssoft.com
 
P

Paul Bergson

Could be dns or it could be no Global Catalog server exists.

Check your clients and see where they are pointing for dns services. Or did
you even install a second dns server on the first DC?

GC
http://support.microsoft.com/default.aspx?scid=kb;en-us;313994

--
Paul Bergson MCT, MCSE, MCSA, Security+, CNE, CNA, CCA
http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup

This posting is provided "AS IS" with no warranties, and confers no rights.
 
G

Guest

I have DNS running on the first DC (PDC) but not on the second DC
(BDC)...thats probably my problem, right?
 
P

Paul Bergson

That is the problem, how about the Global Catalog piece.

If the old server is a non-AD integrated server follow the instructions from
the link below. Once complete go to the second server and isntall dns on
it, the system will sutomatically populate everything and start serving up
client requests. Then you need to go to each client and point the dns
services to both servers (Or just the new one if the old is going away).

http://support.microsoft.com/default.aspx?scid=kb;en-us;198437

--
Paul Bergson MCT, MCSE, MCSA, Security+, CNE, CNA, CCA
http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup

This posting is provided "AS IS" with no warranties, and confers no rights.
 
T

Tim.Olsen

Paul is right on the money.

One more thing to consider, if you had only one DC, it held all the
FSMO's. You don't say how you brought down the other DC, If it wasn't
via a dcpromo the FSMO's didn't get moved. If the original DC is not
back up, you'll need to seize those roles and do some metadata cleanup
too before you can call it done.

Regards,
Tim.Olsen
 
G

Guest

I do use dcpromo to "donwgrade" the old DC to a member server. And used
DCPROMO on the new DC. But I will try Pauls DNS notes.

Thanks
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Active Directory root server problem 1
Missing DC in ADSS Default-first-site NTDS Settings 9
Global Catalog 8
setup additional domain controller 2
How to set a new PDC in an Active Directory 2
Can not add second DC to active directory domain 3
Secondary Domain Controller DNS 3
VPN server without domain controller 0

Top