Secondary DC

  • Thread starter Thread starter Heya
  • Start date Start date
H

Heya

Basically we are thinking about getting a new server for
our current AD Domain, and then converting from static IPs
to DHCP for the network.

I would like to bring in our new Server and Promote it
right away and then demote our other back to a Secondary,
under the assumption that I will get an increase in
redundancy, ie when I shut my PDC down the SDC will handle
things until the PDC comes back up.

We have not even started this yet, I am simply asking if
thats basically the right idea and I am thinking in the
right direction.

Joe
 
You will have redundancy except for the 5 FSMO roles that need to be
transferred before the original DC is taken off line.
See:
Using Ntdsutil.exe to Seize or Transfer FSMO Roles to a Domain Controller

http://support.microsoft.com/default.aspx?scid=kb;en-us;255504

HOW TO: View and Transfer FSMO Roles in the Graphical User Interface

http://support.microsoft.com/default.aspx?scid=kb;en-us;255690

Flexible Single Master Operation Transfer and Seizure Process

http://support.microsoft.com/default.aspx?scid=kb;en-us;223787

FSMO Placement and Optimization on Windows 2000 Domain Controllers

http://support.microsoft.com/default.aspx?scid=kb;en-us;223346





You will need to move the Global Catalog also.

See:

How to: Create or Move a Global Catalog in Windows 2000

http://support.microsoft.com/default.aspx?scid=kb;en-us;313994



Also your first DC may be the DNS server for the domain. You can transfer
the DNS info by installing DNS on the second DC and making the zone AD
Integrated.



Of course you will need to work out how you will transfer user files to the
second DC.



hth

DDS W 2k MVP MCSE
 
--------------------
| Content-Class: urn:content-classes:message
| From: "Heya" <[email protected]>
| Sender: "Heya" <[email protected]>
| Subject: Secondary DC
| Date: Tue, 2 Dec 2003 14:57:20 -0800
| Lines: 16
| Message-ID: <[email protected]>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="iso-8859-1"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Thread-Index: AcO5J6RhBuB2HbBbT3a59Blz+j8kWw==
| X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| Newsgroups: microsoft.public.win2000.active_directory
| Path: cpmsftngxa06.phx.gbl
| Xref: cpmsftngxa06.phx.gbl microsoft.public.win2000.active_directory:58276
| NNTP-Posting-Host: tk2msftngxa11.phx.gbl 10.40.1.163
| X-Tomcat-NG: microsoft.public.win2000.active_directory
|
|
| Basically we are thinking about getting a new server for
| our current AD Domain, and then converting from static IPs
| to DHCP for the network.
|
| I would like to bring in our new Server and Promote it
| right away and then demote our other back to a Secondary,
| under the assumption that I will get an increase in
| redundancy, ie when I shut my PDC down the SDC will handle
| things until the PDC comes back up.
|
| We have not even started this yet, I am simply asking if
| thats basically the right idea and I am thinking in the
| right direction.
|
| Joe
|


Joe,

In a Windows 2000 environment there is no such thing as a primary and
secondary/backup domain controller. If you bring up a second Windows 2000
Domain Controlller, both domain controller are masters of the domain. Both
have writable copies of the Active Directory. If one goes down, the other
will pickup handling logon requests. There are 5 special roles that exist
in a Windows 2000 domain. These are known as the Flexible Single Master
Operation (FSMO) roles. Any Windows 2000 domain controller can hold one or
more of these roles. By default, they exist on the first DC in the forest.
For more information about FSMO roles, please read:

223346 FSMO Placement and Optimization on Windows 2000 Domain Controllers
http://support.microsoft.com/?id=223346

Do not get confused with the notion that adding a second domain controller
to the network means that it will have a copy of all the files and services
running on the first domain controller. By default it will not. For
example, you will have to add and configure DNS on the second DC if you
want DNS to be redundant. Any user file share will need to be copied over
to the new DC also.

Chad A. Lacy
Windows 2000 Directory Services

==================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================
This posting is provided "AS IS" with no warranties, and confers no rights.
 
Joe,

Your thinking is mostly correct, but I have included a few clarifications.
Once you add a 2nd DC to your domain, you will not demote your original DC.
If you do that, you will still only end up with one DC. What you will want
to do is transfer the PDC emulator role from your original DC to the new DC.
That way, you will still have 2 DCs in your domain. The following link will
provide a document that explains how to transfer your FSMO roles.
http://support.microsoft.com/?id=255690

Let me know if you have any other questions.


Ray Lava
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no rights
 
Back
Top