What do you mean by automatic failover? In AD if you have more then 1 domain controller you have redundancy as AD is replicated between the DCs. If you have DNS running on your DCs and it is AD integrated that is also replicated.
From a client machine perspective it doesn't care which DC authenticates it. Just be sure that in your DHCP setup you specify at least 2 of your domain controllers as the DNS servers then if 1 DC goes splat they will use the other for authentication and name resolution.
Paul
MCTS: Exchange 2007, Configuration
MCSA:2003
MCSE:2003
MCITP:Enterprise Administrator
If there are no stupid questions, then what kind of questions do stupid people ask? Do they get smart just in time to ask questions?
Scott Adams
Quote: when DC1 chokes, does the domain continue to function without intervention?
Depends on the level of "choke", if it is holding FSMO roles and you do not plan on restoring from backup, you will need to seize those roles over to the functioning DC.
Seizing FSMO Roles in case of unrepairable Domain Controller:
You also have to plan or whatever else you may be running on the DC. Some orgs will put DHCP and other services on DCs. If you do that, you need to have contingency plans. Microsoft talks about the 80/20 split for DHCP which would get you some 'failover' of that service. YMMV.
Pat RichardMVP Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
DC1 chokes. <cough> Yikes! <groan> dx the problem, have to wait 4 hours for Dell replacement part. Then fix/replace whatever it is. Then bring DC1 back online.
Somewhere around <Yikes!> the boss has a hissy fit because we are down. I dont want to have the "at least 4 hours" conversation. I want DC2 to provide user logons, GPs, etc and assuming the user files have been copied to DC2, most people can continue to work to some extent in the meantime. Is that a fantasy?
DC1 has the FISMO roles. What residual problems does siezing those roles present after DC1 comes back up?
No it's not a fantasy, AD is redundant when you have more than one DC because that's how it was designed. It's called multi master replication.. All the critical bits like user accounts and group policys are replicated to all domain controllers by default.
As others have said you need to consider your DHCP setup so that PCs still get IP addresses should a DHCP server fail.
If you can grab this book, it will tell you all you need to know about AD;
Cool. Consultant is telling me doing this is frought with problems, siezing the roles of DC1 being the problem. Im in the middle of the network upgrade, about to configure the second DC now.
Im checking with you guys if I am getting bad info.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.