Jump to content

Adding a Backup Domain Controller

Incroyable HULK

By Incroyable HULK
in Windows 2000/2003/NT4

 Share

Recommended Posts

Incroyable HULK

Incroyable HULK

Posted
Posted (edited)

Hello all,

I have to deploy a secondary domain controller in case the first controller goes down.

The service provided with this server are:

1- Domain Controller (Active Directory)

2- DNS

3- DHCP

4- VPN

5- File Server

What would be your suggestion for the simplest way of doing it?

(about the DHCP part, I've heard you cannot duplicate the service, all you can do is set up a different scope and a good practice is to include about 25% of the original scope in the new one and vice versa...)

Edited by Incroyable HULK
Link to comment
Share on other sites

Incroyable HULK

Incroyable HULK

Posted
  • Author
Posted
You serious?

Always!

For AD and DNS, I have an idea but I want some input from people having done it

For the VPN, I guess I just have to set up the service, I don't think there is a way of replicating the service.

Also I wonder how, when you duplicate the user's files, they get access to them in the event of a failure of the primary domain controller?

Link to comment
Share on other sites
chilifrei64

chilifrei64

Posted
Posted

1- Domain Controller (Active Directory)

2- DNS

Just promote the second machine and make it the second DC in the forest

3- DHCP

Create a second scope with different address ranges. or create the same scope just disable the service until needed

4- VPN

Create the same thing on the 2 servers just keep the service set to disabled until needed

5- File Server

run DFS to replicate the data

It all is pretty straight forward. Not much to configure in case of a disaster. The biggest thing is to have that second DC that holds user information. Really, as long as you have that and a good backup program.. you should be in good shape

Link to comment
Share on other sites
ramone_johnny

ramone_johnny

Posted
Posted
1- Domain Controller (Active Directory)

2- DNS

Just promote the second machine and make it the second DC in the forest

3- DHCP

Create a second scope with different address ranges. or create the same scope just disable the service until needed

4- VPN

Create the same thing on the 2 servers just keep the service set to disabled until needed

5- File Server

run DFS to replicate the data

It all is pretty straight forward. Not much to configure in case of a disaster. The biggest thing is to have that second DC that holds user information. Really, as long as you have that and a good backup program.. you should be in good shape

Exactly, I just couldnt be bothered typing it. :whistle: Also, if youre new at this, which obviously you are, I would strongly suggest trialing this in a lab, NOT IN A LIVE ENVIRONMENT. If you screw something up withing AD, the phone will be ringing off the hook!

RJ

Link to comment
Share on other sites
ixion

ixion

Posted
Posted

If you do as chilifrei suggests on point number 3 and create a replica scope on the backup DHCP server enable IP address conflict detection (from memory right click the DHCP server name in DHCP MMC - last tab) because you are going to have clients on your network with addresses which have already been leased and your second DHCP server isn't going to know anything about them

to add to this, go into sites and services and right click on the NTDS settings for this backup server once its been promoted and make it a global catalogue. If you loose your first server alltogether then this second server, being a GC will have a copy of everything you will need to rebuild your domain

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...