When Local Domain Controller is down other DC's wont authenticates users
I have 6 locations each one has a DC; the NOC has a Master Global Catalog and Infrastructure Master. So 8 DC's in all Each DC runs DNS, WINS and DHCP if needed. I ran across something odd and Im not sure on how to fix it. Say my local DC dies shouldnt my users be able to authenticate there login from another DC when their local DC is down? Ive been seeing local users not being able to login until the local DC is up. I thought they would go and look for a DC at the other locations. Any thoughts?
May 30th, 2012 5:03pm

are these seperate sites?Regards, Bill
Free Windows Admin Tool Kit Click here and download it now
May 30th, 2012 6:27pm

At first thougth maybe the DNS configured on those PC might block you. I assume they got listed only the local DC's DNS.MCP | MCTS 70-236: Exchange Server 2007, Configuring
May 30th, 2012 9:26pm

To locate an alternate domain controller the clients should be able to query DNS for the remote DC's SRV records. What DNS settings are pushed to the clients (via DHCP?) if they only point to the local DC for DNS as you mentioned , when that DC/DNS server is down clients have no way to look for other DCs in the domain as DNS zone is unavailable. Configure DHCP scope options and static machines to point to an alternate DNS server preferably the one at head office. Try to ping/nsloookup DCs in the remote site to see if the hostname resolves successfully when this happens next time. Make sure replication between all DCs is working as expected, run repadmin /showrpl. Run dcdiag on problem DCs to diagnose AD issues. Let me know for more help. Sachin Gadhave MCP, MCSA, MCTS
Free Windows Admin Tool Kit Click here and download it now
May 30th, 2012 11:42pm

Do have the sites and services setup? How the DNS is defined in your AD ? Check the clients are having both primary and secondary DNS IP address . Primary should be local DNS and secondary should be Remote DNS server IP address. Also you need to make sure all the DC have register their SRV records in DNS , If any of the Entry missing restart the netlogon server on the DC so that it can register its generic records in DNS Regards, _Prashant_MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights.
May 31st, 2012 2:39am

Hello, you have tom assure that they have an up and running DNS server configured on the NIC otherwise DCLocator process cannot start. So is that the case?Best regards Meinolf Weber MVP, MCP, MCTS Microsoft MVP - Directory Services My Blog: http://msmvps.com/blogs/mweber/ Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
Free Windows Admin Tool Kit Click here and download it now
May 31st, 2012 6:37am

I will look in to the SRV records. To locate an alternate domain controller the clients should be able to query DNS for the remote DC's SRV records. What DNS settings are pushed to the clients (via DHCP?) if they only point to the local DC for DNS as you mentioned , when that DC/DNS server is down clients have no way to look for other DCs in the domain as DNS zone is unavailable. Configure DHCP scope options and static machines to point to an alternate DNS server preferably the one at head office. Try to ping/nsloookup DCs in the remote site to see if the hostname resolves successfully when this happens next time. Make sure replication between all DCs is working as expected, run repadmin /showrpl. Run dcdiag on problem DCs to diagnose AD issues. Let me know for more help. Sachin Gadhave MCP, MCSA, MCTS
June 7th, 2012 7:11pm

are these seperate sites? Regards, Bill Yes they are.
Free Windows Admin Tool Kit Click here and download it now
June 7th, 2012 7:12pm

At first thougth maybe the DNS configured on those PC might block you. I assume they got listed only the local DC's DNS. MCP | MCTS 70-236: Exchange Server 2007, Configuring They point to our local DC and one in our NOC.
June 7th, 2012 7:13pm

Does the VPN tunnel block any traffic ? Service overview and network port requirements for the Windows Server systemMCP | MCTS 70-236: Exchange Server 2007, Configuring
Free Windows Admin Tool Kit Click here and download it now
June 7th, 2012 9:42pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics