Windows 2000 Server DC Fail over.

  • Thread starter Thread starter ScottB
  • Start date Start date
S

ScottB

I haven't been able to successfully promote my second
domain controller, when shutting the primary down.
I'm getting a message saying that there are no logon
servers available. I missing a step and not sure what it
is.
 
ScottB said:
I haven't been able to successfully promote my second
domain controller, when shutting the primary down.
I'm getting a message saying that there are no logon
servers available. I missing a step and not sure what it
is.
Click to expand...

Can you explain what you are trying to achieve? You can't promote a new
server in an existing domain if no existing DCs are present to login and
replicate with. Neither can you expect an existing DC to participate in a
domain its not a member of.
 
-----Original Message-----



Can you explain what you are trying to achieve? You can't promote a new
server in an existing domain if no existing DCs are present to login and
replicate with. Neither can you expect an existing DC to participate in a
domain its not a member of.




.
I have just promoted a member server to DC via dcpromo,
Click to expand...
in an existing domain. Now I have 2 DC's but all of the
info I have found doesn't really explain the steps to
replicate from one to the other. Then promote the new one.
 
ScottB said:
in an existing domain. Now I have 2 DC's but all of the
info I have found doesn't really explain the steps to
replicate from one to the other. Then promote the new one.
Click to expand...

The KCC (Knowledge Consistency Checker) sets up the replication for you
automatically. A member server participates in the domain and dcpromo allows
the schema and security database to be copied and DCs to replicate within
that domain.

You can't use a standalone server to promote it into a DC without joining
the target domain because the resulting DC will generate a unique, seperate
domain.

This becomes obvious once you realize that names mean nothing in W2K. Its
perfectly feasable to run 2 domains in the same physical network with the
exact same name. Only SIDs matter. After rereading your original Post, it
seems that you have a misunderstanding about how DCs receive the domain's
database. Its impossible to promote a member server into an existing domain
if you shutdown the only DC available. You can't receive a copy of the
schema and security database unless you are authenticated in the domain and
dcpromo is executed.

If it wasn't so, anyone, anywhere could join and modify any domain on the
planet at will. <shudders>

You'll find a lot of resources about AD replication:
http://labmice.techtarget.com/activedirectory/AD_replication.htm
 
Back
Top