I have 2 DC's or at least I thought I did.
Setup
2 DC's (2003)
8 Members servers
DC #1 - DHCP, Pri DNS, Exch2003, WINS, FileShare
DC #2 - FileShare, Doc Mgt sys, Time/Billing, PrintServer, 2nd DNS
Both DC's are catalog servers as I recall.
Issue
When I shutdown my 1st DC (with Exch2003) we appear to be having authentication issues. Computers boot very slow and logons are even slower, you eventually get in but logon scripts seem to hang.
If you are already logged in you can still access mapped drives but that even seems slow, some staff were getting access denied.
Our Citrix servers would not allow new applications to be launched for about 10mins but seem to work after even with the 1st DC down.
Our document mgt system is giving staff access denied for some staff as well.
I am guessing some of this may be determined depending which DC was your logon server?
I assumed that by turing off 1 DC all should be well for all staff and that they would only lose the services provided by the down DC.
I have noticed some events that suggest the DC's are not commumicating
Event 2088 found on our 1st DC
Active Directory could not use DNS to resolve the IP address of the source domain controller listed below.
Event 40960 found on our 1st DC
The Security System detected an authentication error for the server ldap/ServerName. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
Event 1030 from workstaions
Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine.
For more information, see Help and Support Center at
Event 40961 from workstaions
The Security System could not establish a secured connection with the server ldap/Servername.DomainName.com/DomainName.com@DomainName.com. No authentication protocol was available.
For more information, see Help and Support Center at
Setup
2 DC's (2003)
8 Members servers
DC #1 - DHCP, Pri DNS, Exch2003, WINS, FileShare
DC #2 - FileShare, Doc Mgt sys, Time/Billing, PrintServer, 2nd DNS
Both DC's are catalog servers as I recall.
Issue
When I shutdown my 1st DC (with Exch2003) we appear to be having authentication issues. Computers boot very slow and logons are even slower, you eventually get in but logon scripts seem to hang.
If you are already logged in you can still access mapped drives but that even seems slow, some staff were getting access denied.
Our Citrix servers would not allow new applications to be launched for about 10mins but seem to work after even with the 1st DC down.
Our document mgt system is giving staff access denied for some staff as well.
I am guessing some of this may be determined depending which DC was your logon server?
I assumed that by turing off 1 DC all should be well for all staff and that they would only lose the services provided by the down DC.
I have noticed some events that suggest the DC's are not commumicating
Event 2088 found on our 1st DC
Active Directory could not use DNS to resolve the IP address of the source domain controller listed below.
Event 40960 found on our 1st DC
The Security System detected an authentication error for the server ldap/ServerName. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
Event 1030 from workstaions
Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine.
For more information, see Help and Support Center at
Event 40961 from workstaions
The Security System could not establish a secured connection with the server ldap/Servername.DomainName.com/DomainName.com@DomainName.com. No authentication protocol was available.
For more information, see Help and Support Center at
