Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Windows 2003 - When down / Rebooting

Status
Not open for further replies.
Sikosis

Sikosis

IS-IT--Management
May 29, 2001
4
0
0
AU
We have two Windows 2003 Servers at work, both set as Domain Controllers.

One is what we like to call the PDC (yes old term but it fits) and the other a BDC, even though they both do the same job.

The problem is ... when we restart the PDC for updates, etc - if a user has not logged onto the system, they can't log in at all. The 2nd Windows box won't do the authenicating for them, even though I have seen it do it during the day when I have checked to see what their Logon Server was.

I've also checked that the BDC is listed as a secondary DNS server, so it should work.

I'm guessing its a DHCP issue ...

Any ideas ?
 
Sort by date Sort by votes
Sounds like a DNS configuration issue.
Check both domain controllers two make sure each server is pointing to themselves and to each other as a DNS servers. It doesnt matter if DC01 points to itself as primary or secondary, the only issue I have seen (and confirmed with Microsoft) is if the DC points to itself as primary, it's own reboot takes a little longer as it has to wait for the DNS Service to start locally.

Check your workstations to make sure they have both DNS servers in the TCP/IP config. You mentioned DHCP, if the scope options for DNS have both servers configed check that you clents are set to get their DNS setting from a DCHP server.
 
Upvote 0 Downvote
Are all FSMO roles on your PDC? If so, and your PDC goes down, NEW users could have trouble logging into the domain
 
Upvote 0 Downvote
Make sure you make your secondary domain controller a global catalog server also. In the absence of a GC, regular users will not be able to logon to the domain. It looks like this role is only on your primary domain controller
 
Upvote 0 Downvote
In order to allow user to log on when the "pdc" is down the "bdc" must have a copy of the global catalog. to do this:

Goto AD sites and services, default-first-site-name, servers.
right click on the ntds settings of the "bdc" and make sure there is a tick in the global catalog box.

Await replication, i usually wait 12-24 hours. (probably too long). after replication, shutdown the "pdc" and test the "bdc" by logging on from a workstation.

 
Upvote 0 Downvote
bobsa32 is correct regarding the infrastructure master, if you have a multi-domain forest. If you have a single domian with only two domain controllers then do as suggested above, make both of them GCs. You don't have to be concerned with the infrastructure master running on one of the two GCs in a single domain environment.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
225
Aquiles Vidal
Aquiles Vidal
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
245
suncit
suncit
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
191
antonio_dsanchez
antonio_dsanchez
mangentle
  • Locked
  • Question
What are the key advantages of using Microsoft Windows Servers for businesses?
Replies
1
Views
301
gbaughma
gbaughma
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
230
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top