2 DC in 1 domain disaster question..

  • Thread starter Thread starter Thomas
  • Start date Start date
T

Thomas

Hi,

I have 2 DCs in a domain called corp.com. DC1 is the first DC of the
domain, it's also the DNS server for AD. DC2 is the additional DC for the
corp.com domain (with no DNS). They are both running Win2003 SP1 Standard
Edition.

I want to know if DC1 fails and will be offline for a while, do I need to
install DNS on DC2? Also, do I need to reconfig all the client NICs to
point the DNS setting to DC2?

TIA,

Tom
 
Thomas,

My experience is that you'll likely need to set up DNS on your other DC for
all sorts of reasons, including the ability to resolve web URLs from your
domain.

Depending on how long "a while" wil be, you may need to move your FSMO roles
to DC 2 if you haven't already done so.
 
Thomas said:
Hi,

I have 2 DCs in a domain called corp.com. DC1 is the first DC of the
domain, it's also the DNS server for AD. DC2 is the additional DC for the
corp.com domain (with no DNS). They are both running Win2003 SP1 Standard
Edition.
Click to expand...
I want to know if DC1 fails and will be offline for a while, do I need to
install DNS on DC2?
Yes.

Also, do I need to reconfig all the client NICs to point the DNS setting
to DC2?
Click to expand...

Yes.

Make them both DNS servers; make them both AD integrated DNS.

Make them both GCs.

Set all DNS clients (including servers and even these DCs)
to use one of them as PREFERRED DNS and the other as
ALTERNATE DNS.

If either is a file server you might even consider an Enterprise
DFS file server set with automatic replication so even your
file server will stay online.
 
Thanks Herb.

I have transferred all the FSMO roles from DC1 to DC2. DC2 is now the
global catalog server and also the DNS server. I have turned the DC1 off.
However, I have a question regarding the GPO. When I got to view the GPO on
DC2, it seems as if it was back to the default setting. I'm just using the
default domain GPO. Everything is set to "not configured" state. However,
the client's setting does prove that the correct GPO is applied to it. It's
just that it's not showing correctly on DC2. I ran "gpresult" on the XP
Client and it's getting the GPO from DC2, which is correct. Any suggestions
on why the GPO in DC2 is not the same as DC1 before? (at least I can tell
it's not the same by just viewing it)

TIA,

Tom

Herb Martin said:
Thomas said:
Hi,

I have 2 DCs in a domain called corp.com. DC1 is the first DC of the
domain, it's also the DNS server for AD. DC2 is the additional DC for
the corp.com domain (with no DNS). They are both running Win2003 SP1
Standard Edition.
Click to expand...
I want to know if DC1 fails and will be offline for a while, do I need to
install DNS on DC2?
Yes.

Also, do I need to reconfig all the client NICs to point the DNS setting
to DC2?
Click to expand...

Yes.

Make them both DNS servers; make them both AD integrated DNS.

Make them both GCs.

Set all DNS clients (including servers and even these DCs)
to use one of them as PREFERRED DNS and the other as
ALTERNATE DNS.

If either is a file server you might even consider an Enterprise
DFS file server set with automatic replication so even your
file server will stay online.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
TIA,

Tom
Click to expand...
Click to expand...
 
Thomas said:
Thanks Herb.

I have transferred all the FSMO roles from DC1 to DC2. DC2 is now the
global catalog server and also the DNS server. I have turned the DC1 off.
Click to expand...

It's best to do a DCPromo to non-DC before removing a DC.

You can manually clean up AD with NTDSUtil but why put
yourself to all that trouble.
However, I have a question regarding the GPO. When I got to view the GPO
on DC2, it seems as if it was back to the default setting. I'm just using
the default domain GPO. Everything is set to "not configured" state.
However, the client's setting does prove that the correct GPO is applied
to it. It's just that it's not showing correctly on DC2. I ran
"gpresult" on the XP Client and it's getting the GPO from DC2, which is
correct. Any suggestions on why the GPO in DC2 is not the same as DC1
before? (at least I can tell it's not the same by just viewing it)
Click to expand...

Did you check for DC replication (e.g., run DCDiag) to make
sure your DC2 had the same stuff as your DC1?

If so, and the client is getting the GPO from DC2 it seems that
it is doing what it is supposed to do...



--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
TIA,

Tom

Herb Martin said:
Thomas said:
Hi,

I have 2 DCs in a domain called corp.com. DC1 is the first DC of the
domain, it's also the DNS server for AD. DC2 is the additional DC for
the corp.com domain (with no DNS). They are both running Win2003 SP1
Standard Edition.
Click to expand...
I want to know if DC1 fails and will be offline for a while, do I need
to install DNS on DC2?
Yes.

Also, do I need to reconfig all the client NICs to point the DNS setting
to DC2?
Click to expand...

Yes.

Make them both DNS servers; make them both AD integrated DNS.

Make them both GCs.

Set all DNS clients (including servers and even these DCs)
to use one of them as PREFERRED DNS and the other as
ALTERNATE DNS.

If either is a file server you might even consider an Enterprise
DFS file server set with automatic replication so even your
file server will stay online.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
TIA,

Tom
Click to expand...
Click to expand...
Click to expand...
 
Back
Top