logon

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

hi to all,
We have a problem in login if the master DC win2k is down. however we have 4
DC to serve the authentication. how can we make sure that to load the
balance. I think the authentication is burn in master DC for all host. Pls
need an urgent help,
Thanks in advance.
 
In order to ensure that other DCs can answer authentication requests you
need to ensure that the clients are pointing to more than one internal DNS
server (usually DCs) and that all DCs have correctly registered in DNS.

In your case, I assume that the DC that does the logon's is also the DNS
server? When that box is down, how can clients lookup other DCs if they
can't get an answer from DNS.

It is also recommended that you have at least two GCs. In a single domain
environment (or a small forest) I would recommend that all DCs are GCs. You
make a DC a GC like this:
-- http://www.msresource.net/content/view/25/47/


If you've not done so already, I suggest you make your DNS Active
Directory-Integrated. There's a small section in this article that shows
you how to do this:
-- http://www.msresource.net/content/view/24/47/


Hope this helps,


--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/

hi to all,
We have a problem in login if the master DC win2k is down. however we have 4
DC to serve the authentication. how can we make sure that to load the
balance. I think the authentication is burn in master DC for all host. Pls
need an urgent help,
Thanks in advance.
 
Ditto to what Paul stated!

It is generally recommended that in a small environment ( specifically a
single-domain Forest ) that all Domain Controllers are also Global Catalog
Servers. Check to make sure that you are running DDNS on at least two of
the Domain Controllers and that your DHCP Server give out the correct
information ( options 003, 006 and 015.....and 044 and 046 if running WINS
.....at the very least ) along with the IP Address lease. The big on is
Option 006 where the client is given the DNS Server(s) information. Make
sure that it is giving out only your internal DNS Server information. There
is no place in here for your ISP's DNS information. That belongs in the
Forwarders tab in the FLZ in your DNS MMC.

Also, if there are other problems you might want to consider running the
Support Tools on all of your Servers ( Domain Controllers, Member Servers,
etc. ) and run dcdiag /c /v on the Domain Controllers and netdiag /v on all
of your servers. You might also want to run repadmin /v ( or repadmin
/showreps and repadmin /showconn ) on all of the domain controllers. This
will give you a better idea of what is going on with your environment.
netdom query fsmo might also be a good thing to run.......

--
Cary W. Shultz
Roanoke, VA 24014
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com
 
Back
Top