Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Andrzejek on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DC issues

Status
Not open for further replies.

KRPGroup

MIS
Jun 22, 2005
317
CA
I have 2 DC's or at least I thought I did.

Setup
2 DC's (2003)
8 Members servers
DC #1 - DHCP, Pri DNS, Exch2003, WINS, FileShare
DC #2 - FileShare, Doc Mgt sys, Time/Billing, PrintServer, 2nd DNS
Both DC's are catalog servers as I recall.


Issue
When I shutdown my 1st DC (with Exch2003) we appear to be having authentication issues. Computers boot very slow and logons are even slower, you eventually get in but logon scripts seem to hang.
If you are already logged in you can still access mapped drives but that even seems slow, some staff were getting access denied.
Our Citrix servers would not allow new applications to be launched for about 10mins but seem to work after even with the 1st DC down.
Our document mgt system is giving staff access denied for some staff as well.

I am guessing some of this may be determined depending which DC was your logon server?

I assumed that by turing off 1 DC all should be well for all staff and that they would only lose the services provided by the down DC.

I have noticed some events that suggest the DC's are not commumicating

Event 2088 found on our 1st DC
Active Directory could not use DNS to resolve the IP address of the source domain controller listed below.

Event 40960 found on our 1st DC
The Security System detected an authentication error for the server ldap/ServerName. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.

Event 1030 from workstaions
Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine.

For more information, see Help and Support Center at
Event 40961 from workstaions
The Security System could not establish a secured connection with the server ldap/Servername.DomainName.com/DomainName.com@DomainName.com. No authentication protocol was available.

For more information, see Help and Support Center at
 
First thing I would do is make sure the replication service working properly. It sounds as though it has stopped and the DC2 does not have updated AD login information from DC1.
 
What is the name of the service, I can't seem to find any thing with the word replication in it, unless i'm going blind.
 
The complete name is the "File Replication Service".

Look in your event viewer on both DCs and check for errors in the "File Replication Service" log.

(yay! shameless advertising. my side business)
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top