DC and DNS

Hi,

Running a Windows 2003 AD
We have 2 dedicated DC. when one is down, we have major issues on the
network.
Looks like networks settings and dns are not right.
Both are set as DNS

What should be the DNS settings for each server NIC?
Is there anything in DNS that needs to be set to work by itself?
Is there any other things I need to check as far as role. etc

Your help would be really appreciated

Make sure "Make sure primary DNS and 2nd DNS servers can ping each other and
not firewall block them" quoted from www.chicagotech.net. Also make sure you
have at lease one GC available. These search results may help.

Troubleshooting DNSSetup Multiple DNS servers. 1. When setup 2nd DNS, make
sure you type correct Master DNS Server IP address. 2. Make sure primary DNS
and 2nd DNS servers can ...
www.chicagotech.net/dnstroubleshooting.htm

Q & A: Why does my network crash ...You should have at least one GC running
at all times. ... To have windows domain redundancy, you should have 2 DCs
with the global catalog role. ...
http://www.chicagotech.net/netforums...opic.php?t=351


--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"vv" <(E-Mail Removed)> wrote in message news:4817b0e0$(E-Mail Removed)...
> Hi,
>
> Running a Windows 2003 AD
> We have 2 dedicated DC. when one is down, we have major issues on the
> network.
> Looks like networks settings and dns are not right.
> Both are set as DNS
>
> What should be the DNS settings for each server NIC?
> Is there anything in DNS that needs to be set to work by itself?
> Is there any other things I need to check as far as role. etc
>
> Your help would be really appreciated
>
>
>

If you have two DCs then you need both running.

The purpose of two DCs is not so that the LAN keeps right on ticking the
same way if you loose one,..the reason for two DCs is so that if you loose
one you do not loose the Active Directory Database and you do not loose the
DNS Structure,...but you still have to fix the broken one and get it back
into service as quick as you can.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

"vv" <(E-Mail Removed)> wrote in message news:4817b0e0$(E-Mail Removed)...
> Hi,
>
> Running a Windows 2003 AD
> We have 2 dedicated DC. when one is down, we have major issues on the
> network.
> Looks like networks settings and dns are not right.
> Both are set as DNS
>
> What should be the DNS settings for each server NIC?
> Is there anything in DNS that needs to be set to work by itself?
> Is there any other things I need to check as far as role. etc
>
> Your help would be really appreciated
>
>
>

Hello vv,

On both DC's set itself as preferred DNS and the other as secondary. Alsom
make sure both DC's are Global catalog server and that all clients are configured
to use both DNS servers.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> Hi,
>
> Running a Windows 2003 AD
> We have 2 dedicated DC. when one is down, we have major issues on the
> network.
> Looks like networks settings and dns are not right.
> Both are set as DNS
> What should be the DNS settings for each server NIC?
> Is there anything in DNS that needs to be set to work by itself?
> Is there any other things I need to check as far as role. etc
> Your help would be really appreciated
>

Sorry, quotation should be "3. Make sure primary DNS and 2nd DNS servers
point to each other as primary and themselves as secondary if both DNS
servers are in the same LAN".


--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"Robert L. (MS-MVP)" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Make sure "Make sure primary DNS and 2nd DNS servers can ping each other
> and not firewall block them" quoted from www.chicagotech.net. Also make
> sure you have at lease one GC available. These search results may help.
>
> Troubleshooting DNSSetup Multiple DNS servers. 1. When setup 2nd DNS, make
> sure you type correct Master DNS Server IP address. 2. Make sure primary
> DNS and 2nd DNS servers can ...
> www.chicagotech.net/dnstroubleshooting.htm
>
> Q & A: Why does my network crash ...You should have at least one GC
> running at all times. ... To have windows domain redundancy, you should
> have 2 DCs with the global catalog role. ...
> http://www.chicagotech.net/netforums...opic.php?t=351
>
>
> --
> Bob Lin, MS-MVP, MCSE & CNE
> Networking, Internet, Routing, VPN Troubleshooting on
> http://www.ChicagoTech.net
> How to Setup Windows, Network, VPN & Remote Access on
> http://www.HowToNetworking.com
> "vv" <(E-Mail Removed)> wrote in message news:4817b0e0$(E-Mail Removed)...
>> Hi,
>>
>> Running a Windows 2003 AD
>> We have 2 dedicated DC. when one is down, we have major issues on the
>> network.
>> Looks like networks settings and dns are not right.
>> Both are set as DNS
>>
>> What should be the DNS settings for each server NIC?
>> Is there anything in DNS that needs to be set to work by itself?
>> Is there any other things I need to check as far as role. etc
>>
>> Your help would be really appreciated
>>
>>
>>
>

Thanks guys.

I understood now.
The 2 DC are now using DNS1 as themselves and DNS2 as the other one.
Both were already GC.

I have noticed that the biggest issues are when the DC that holds all the
FSMO is down. It looks like it takes a while before the functions are taken
(if indeed it happens) by the other DC.
Is there anyway to automate it, or/and make the transition period shorter?

All our Unix/Linux servers get their user authentication from AD using ldap
via the Unix Services. ldap.conf on unix is set to use the 2 DC, but when
the "master" DC is down, this is when we have issues.

On a separate issue, we also have another office linked to our primary with
a permanent link.
They also have 2 DC
DC1 DNS1 is pointing to main Office DCa, and DNS2 is pointing to DC2
DC2 DNS1 is pointing to DC1 and DNS2 is pointing to main Office DCb

I tried to change each server DNS to point DNS1 to themselves and DNS2 to
the second local server. For both, after the changes, I did "ipconfig
/flushdns and ipconfig /registerdns". But after that the servers could not
communicate by name to each others or the main office DC.
So I reverted to the original situation.
Is it the correct configuration?
I have to make sure that replication between the 2 offices works, and that
the remote office can carry on work, in case the WAN link is down.

Thanks in advance
"Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
news:(E-Mail Removed) .com...
> Hello vv,
>
> On both DC's set itself as preferred DNS and the other as secondary. Alsom
> make sure both DC's are Global catalog server and that all clients are
> configured to use both DNS servers.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> Hi,
>>
>> Running a Windows 2003 AD
>> We have 2 dedicated DC. when one is down, we have major issues on the
>> network.
>> Looks like networks settings and dns are not right.
>> Both are set as DNS
>> What should be the DNS settings for each server NIC?
>> Is there anything in DNS that needs to be set to work by itself?
>> Is there any other things I need to check as far as role. etc
>> Your help would be really appreciated
>>
>
>

Hello vv,

see inline

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> Thanks guys.
>
> I understood now.
> The 2 DC are now using DNS1 as themselves and DNS2 as the other one.
> Both were already GC.
> I have noticed that the biggest issues are when the DC that holds all
> the
> FSMO is down. It looks like it takes a while before the functions are
> taken
> (if indeed it happens) by the other DC.
> Is there anyway to automate it, or/and make the transition period
> shorter?

There is no takeover, if one dc goes down. For authentication the clients
nead a running DNS server to connect to any available DC that has connection
to a GC.

> All our Unix/Linux servers get their user authentication from AD using
> ldap via the Unix Services. ldap.conf on unix is set to use the 2 DC,
> but when the "master" DC is down, this is when we have issues.

I don't know anything about UNIX/LINUX, but maybe somewhere is specified
this server by name or address which is used for authentication?

> On a separate issue, we also have another office linked to our primary
> with
> a permanent link.
> They also have 2 DC
> DC1 DNS1 is pointing to main Office DCa, and DNS2 is pointing to DC2
> DC2 DNS1 is pointing to DC1 and DNS2 is pointing to main Office DCb
> I tried to change each server DNS to point DNS1 to themselves and DNS2
> to
> the second local server. For both, after the changes, I did "ipconfig
> /flushdns and ipconfig /registerdns". But after that the servers could
> not
> communicate by name to each others or the main office DC.
> So I reverted to the original situation.
> Is it the correct configuration?

If you setup DNS only internal in the site, it should be enough normally.
We have 3 sites in one domain and every site uses it's own DNS servers, nothing
more. Zones are setup as Active directory integrated in the complete domain
so DNS replication occurs over AD replication.

> I have to make sure that replication between the 2 offices works, and
> that
> the remote office can carry on work, in case the WAN link is down.

If possible post an unedited ipconfig /all from both DC/DNS machines from
both subnets. Also you can run dcdiag, netdiag and replmon from the support
tools to check for errors on any DC in your domain.

See here about DNS setup:
http://support.microsoft.com/kb/825036

> Thanks in advance
> "Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
> news:(E-Mail Removed) .com...
>> Hello vv,
>>
>> On both DC's set itself as preferred DNS and the other as secondary.
>> Alsom make sure both DC's are Global catalog server and that all
>> clients are configured to use both DNS servers.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>> Hi,
>>>
>>> Running a Windows 2003 AD
>>> We have 2 dedicated DC. when one is down, we have major issues on
>>> the
>>> network.
>>> Looks like networks settings and dns are not right.
>>> Both are set as DNS
>>> What should be the DNS settings for each server NIC?
>>> Is there anything in DNS that needs to be set to work by itself?
>>> Is there any other things I need to check as far as role. etc
>>> Your help would be really appreciate

"vv" <(E-Mail Removed)> wrote in message news:481a41eb$(E-Mail Removed)...
> I have noticed that the biggest issues are when the DC that holds all the
> FSMO is down. It looks like it takes a while before the functions are
> taken (if indeed it happens) by the other DC.
> Is there anyway to automate it, or/and make the transition period shorter?

There is no takeover
There is no transition
There is no transition period

You seemed to have ignored my first post.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------