We moved to AD last year after many, many years on an NT domain.
Though I'm not totally clueless, I'm no supremo either.
I've been doing some 'disaster recovery' testing, which involves me turning off one of my DC's (I have 2) and seeing what happens.
Users can still login (obviously being validated by the remaining DC), but users that are already logged in (who had their account details validated by the offline DC), can not access any network resources - unless they log off and log back in (to be validated by the remaining DC).
I know the answer is probably 'no', but does anyone know is there is a way to stop this from happening - in an idealistic world, if the DC you logged in via wasn't available anymore, Windows would go and ask another one to confirm your permissions.
Though I'm not totally clueless, I'm no supremo either.
I've been doing some 'disaster recovery' testing, which involves me turning off one of my DC's (I have 2) and seeing what happens.
Users can still login (obviously being validated by the remaining DC), but users that are already logged in (who had their account details validated by the offline DC), can not access any network resources - unless they log off and log back in (to be validated by the remaining DC).
I know the answer is probably 'no', but does anyone know is there is a way to stop this from happening - in an idealistic world, if the DC you logged in via wasn't available anymore, Windows would go and ask another one to confirm your permissions.
