What if Domain Controller Fails

November 3, 2012 at 08:11:00
Specs: Windows 7
We have a Primary Domain Controller (PDC) named DC1, with the domain name DC.local, and one Additional Domain Controller (ADC) named DC2.
DNS and DHCP are also on the PDC and ADC.
For three years I have faced no problems, as whatever change I made on the PDC was replicated to the ADC.
But last week our ADC, i.e. DC1, went down, and we are unable to ping the domain DC.local, and we are also unable to open the local web-based applications (if I put the IP address instead of the machine name, it works).
But users are able to log in to the domain with no problems.
- We have DNS integrated with AD
- Any change in DNS on DC1 is replicated to DNS on DC2
I am confused as to why the ADC, i.e. DC2, is not fully replacing the PDC, i.e. DC1.


November 3, 2012 at 09:08:44
There is no such thing as PDC or BDC or ADC in Active Directory.

It would appear you did not make both DCs DNS servers and global catalog holders as you should have. Then replication of these properties happens.

Installing DNS server on the presently live DC would be a start.

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's


November 3, 2012 at 11:08:14
Thanks for the reply. As I am new to this field, some more stupid questions:

On the Additional DC the DNS records are the same as on the Primary DC.

Now when the Primary DC is down, users can log in with domain accounts, but the problem is we cannot ping the machine names and the domain name, i.e. DC.local.

So I am not getting how to install DNS on the live DC?


November 4, 2012 at 01:56:16
Clearly this is a DNS problem. So you need to go through a few trouble-shooting steps:

1. Check the properties of the DHCP server that is working to see what address it is giving for DNS server. Ideally it should give two addresses - the two DCs. You'll need to check that also on the other DC once it is working again.

2. Check the IP settings on one of your clients (I take it you have rebooted them since the failure?) to see what DNS server(s) they are using.

3. Use the command-line tool "nslookup" to do a few test lookups. What server does it say it is looking at? Do the lookups succeed?

In the end this is a simple DNS lookup failure. As you have a DNS server on the working DC, the only logical conclusion is that your clients aren't looking at it for some reason or it is not working correctly. The above tests should determine which.

And, although it is obvious, let me say once again that you may need to reboot any clients (or at least renew their DHCP lease) in the event of a DC failure. But in a properly set up network failure of a single DC should be transparent to the end-users, other than loss of any resources on that DC.

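The client-side check from steps 1 and 2 above, as an added example that is not part of the original thread: a Python script that reads saved `ipconfig /all` output and flags any adapter whose DNS server list omits one of the DCs. The addresses (DC1 = 192.168.1.10, DC2 = 192.168.1.11), the sample output and the function names are constructed for illustration, and only IPv4 DNS addresses are handled.

```python
import re

# Constructed sample of `ipconfig /all` from a client; all addresses are
# assumptions for this example (DC1 = 192.168.1.10, DC2 = 192.168.1.11).
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : DC.local
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.57(Preferred)
   DHCP Server . . . . . . . . . . . : 192.168.1.10
   DNS Servers . . . . . . . . . . . : 192.168.1.10
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""
DC_ADDRESSES = ["192.168.1.10", "192.168.1.11"]  # assumed DC1 and DC2
IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")

def dns_servers_by_adapter(text):
    """Map adapter name -> DNS server list, following continuation lines."""
    adapters, current, in_dns = {}, None, False
    for line in text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            current, in_dns = line.rstrip()[:-1], False  # adapter header line
            adapters[current] = []
        elif current is None:
            continue  # global section before the first adapter
        elif re.match(r"\s+DNS Servers[ .]*:", line):
            adapters[current].append(line.split(":", 1)[1].strip())
            in_dns = True
        elif in_dns and IPV4.match(line.strip()):
            adapters[current].append(line.strip())  # 2nd+ server, bare address
        else:
            in_dns = False
    return adapters

def check_client(text, dc_addresses):
    """Return (adapter, servers, missing DCs) for each incomplete adapter."""
    findings = []
    for name, servers in dns_servers_by_adapter(text).items():
        missing = [dc for dc in dc_addresses if dc not in servers]
        if servers and missing:
            findings.append((name, servers, missing))
    return findings

if __name__ == "__main__":
    for name, servers, missing in check_client(SAMPLE_IPCONFIG, DC_ADDRESSES):
        print(f"{name}: uses {servers}, missing {missing}")
```

A client that reports only the failed DC as its DNS server, as in the sample, points at the DHCP scope's DNS option from step 1 rather than at the DNS service on the surviving DC.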


November 5, 2012 at 08:08:38
Let's see `ipconfig /all` from a workstation and server.
Do an `nslookup yourdomainname` and post the results for review.
