backup DC - DC2 - I guess, you are referring to that as an additional Domain controller. Theses 2 are replication partners......... I wanted users to be able to still login if DC #1 goes down.... what needs to be in place so that DC #2 will authenticate users in leiu of DC1 going offline ? Configure DC2 as Global Catalog and make sure to use DC2 IP as secondary DNS on client machines. Once DNS configuration updated on client machines, take DC1 offline and and allow users to log on to domain. If users are able to log on to the domain without any issues, that confirms failover is working seamlessly. How would I test this (without havingto put DC1 offline) Configure DC2 IP as primary DNS on client machines. Once configuration is updated, allow users to log on. You may verify the log on server by running below command from any client machine echo %logonserver%I do not represent the organisation I work for, all the opinions expressed here are my own. This posting is provided "AS IS" with no warranties or guarantees and confers no rights. - .... .- -. -.- ... --..-- ... .- -. - --- ... ....

Hi, Agree with Santosh. You can configure both DC's as global catalog servers and point both servers as DNS servers in clients IP configuration. And also you need to understand DClocator process. Not all the users are always authenticate to specific DC. The client uses the DNS server to locate a DC in a site. DC locator is the service name which is responsible for assigning a logon DC to the client. So If your site has 2 DC's the client will get both DC's as logon servers and the client would choose one of the DC's. If the DC's are in different sites you can configure the sites and services to point the client to correct DC in a site. AD authentication always distributed based on the sites and services you configured. If your server is office for short period of time you will not be facing any issues. If the server is offline for a longer period you may need to sieze the roles to the new server. Domain Controller Locator : an overview http://blogs.technet.com/b/arnaud_jumelet/archive/2010/07/05/domain-controller-locator-an-overview.aspx How DNS Support for Active Directory Works http://technet.microsoft.com/en-us/library/cc759550(WS.10).aspx Regards, Rafic If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer". This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!

Hello , I have 2 DC's one is my primary and the other the backup (using old terminology) Theses 2 are replication partners......... I wanted users to be able to still login if DC #1 goes down.... what needs to be in place so that DC #2 will authenticate users in leiu of DC1 going offline ? How would I test this (without havingto put DC1 offline)

backup DC - DC2 - I guess, you are referring to that as an additional Domain controller. Theses 2 are replication partners......... I wanted users to be able to still login if DC #1 goes down.... what needs to be in place so that DC #2 will authenticate users in leiu of DC1 going offline ? Configure DC2 as Global Catalog and make sure to use DC2 IP as secondary DNS on client machines. Once DNS configuration updated on client machines, take DC1 offline and and allow users to log on to domain. If users are able to log on to the domain without any issues, that confirms failover is working seamlessly. How would I test this (without havingto put DC1 offline) Configure DC2 IP as primary DNS on client machines. Once configuration is updated, allow users to log on. You may verify the log on server by running below command from any client machine echo %logonserver%I do not represent the organisation I work for, all the opinions expressed here are my own. This posting is provided "AS IS" with no warranties or guarantees and confers no rights. - .... .- -. -.- ... --..-- ... .- -. - --- ... ....

Hi, Agree with Santosh. You can configure both DC's as global catalog servers and point both servers as DNS servers in clients IP configuration. And also you need to understand DClocator process. Not all the users are always authenticate to specific DC. The client uses the DNS server to locate a DC in a site. DC locator is the service name which is responsible for assigning a logon DC to the client. So If your site has 2 DC's the client will get both DC's as logon servers and the client would choose one of the DC's. If the DC's are in different sites you can configure the sites and services to point the client to correct DC in a site. AD authentication always distributed based on the sites and services you configured. If your server is office for short period of time you will not be facing any issues. If the server is offline for a longer period you may need to sieze the roles to the new server. Domain Controller Locator : an overview http://blogs.technet.com/b/arnaud_jumelet/archive/2010/07/05/domain-controller-locator-an-overview.aspx How DNS Support for Active Directory Works http://technet.microsoft.com/en-us/library/cc759550(WS.10).aspx Regards, Rafic If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer". This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!

Daniel, What are you using for DHCP. If DC1 is currently issuing IP address then this will only work until the IPs need to be renewed. If DC1 is offline for an extended period you will have no DHCP server to issue IP addresses. Other than that the provided answers are good.

Daniel, What are you using for DHCP. If DC1 is currently issuing IP address then this will only work until the IPs need to be renewed. If DC1 is offline for an extended period you will have no DHCP server to issue IP addresses. Other than that the provided answers are good.

Hi, There is no backup dc, all DCs within a same domain are the same and have all information for the domain. To enable users could logon to domain, make sure that the client point to the right DNS server and could contact to those DC. We could set two DNS server to make sure that when one server is down, we could use another to do name resolution. Regards, Yan Li TechNet Subscriber Support If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here. Yan Li TechNet Community Support

You must have missed my earlier explaination where I outlined that I was using whatto me, was "old terminology"