Yes, I consider all those items a "given" - and verified that very early
on.
When inside of Active Directory Users and Computers, the Primary and
Additional Domain controllers I created don't show up in the list of
computers - of course, because they are domain controllers (not
computers), and when you click the Domain Controllers node in the Tree,
then BOTH domain controllers show up.
And yes, when in the DNS Settings, all looks well. It all looks very
good - every time domain controllers are mentioned (ie. Forward Lookup
Zones\anderson.net\_msds\dc\_sites\Default-First-Site-Name\_tcp), both
Domain Controllers are there - and in every other spot where Domain
Controllers should be mentioned, both are listed.
It looks like a successful implementation of the Additional Domain
Controller - so I am just stumped as to why, turning the additional
Domain Controller on, would cause the authentication to flake out. I
will start looking at the Event Logs like a hawk, and see if there is
something out of the ordinary.
I will admit, that from time to time, I will get the following in the
error logs on the Exchange Server:
Process MAD.EXE (PID-1912).
All Domain Controller Servers in use are not responding:
pdc-01.anderson.net
bdc-01.anderson.net
PDC-01 and BDC-01 are obviously the names of my domain controllers.
This message simply doesn't make sense because #1 these servers are
there, plain as day on the network, and #2 the users are authenticating
just fine. I have no idea why this message would be coming up.
Is there anything in the Active Directory Utilities - maybe in the
Administrative Tools, that can force a replication to occur - or a
synchronization? Is there anything of that sort, that is directed
towards troubleshooting communications specifically between Domain
Controllers?
I know I am rambling and shooting in the dark right now, but I am
stumped...
Thanks again for everything,
Mike
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 6:43 PM
To: Exchange Discussions
Subject: RE: Backup Domain Controller causing problems???
When you go into ADUC and click on 'Domain Controllers' do you see both
of your DCs there? Take a good look at your event logs - if you are
having authentication errors, those should be showing up. How about
when you check the zones in your domain's DNS server - are both of the
DCs listed there (in various places)? Normally, just an added DC
shouldn't require a lot of care & feeding.
-----Original Message-----
From: Mike Anderson [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 4:30 PM
To: Exchange Discussions
Subject: RE: Backup Domain Controller causing problems???
I am sorry about that.
We are 100% 'Windows 2000 Server' - so yes - Active Directory.
I know that Primary and Secondary sort of went away as far as the
terminology goes... But of course, in order to establish the new Domain,
I had to flag one server as the "New Forest" - and then the server that
I refer to as the "Backup Domain Controller" - is simply an "Additional
domain controller for an existing domain".
I truly thought that was the long and short of it - so if there is
addition functions to perform, would you be able to point me in the
right direction?
Thanks,
Mike
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 6:21 PM
To: Exchange Discussions
Subject: RE: Backup Domain Controller causing problems???
I'm not clear on what your network is - W2K Active Directory, native or
mixed? In AD there is no such thing as a BDC, they're all DCs. Is that
what you built? Or is yours a BDC left over from an NT4 domain?
-----Original Message-----
From: Mike Anderson [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 3:55 PM
To: Exchange Discussions
Subject: Backup Domain Controller causing problems???
Hello,
Could someone please throw some ideas my way, as to why having a
Secondary Domain Controller active on the network, could mess up
authentication?
If I have our BDC turned on and active on the network, and our users
attempt to fire up their Outlook from the outside (using Exchange RPC
Server published through our ISA Server), they are unable to
authenticate. However, if I turn off our BDC, then they can
authenticate just fine. This is also the case from time to time, when
workstations are initially turned on, and perform their initial login
into the Domain.
It's almost as if the BDC, is responding first to the authentication
requests, and doesn't have a current copy of all the user/password
information. I say that, because by turning off the BDC, everything
works fine once again.
This may be my ignorance - regarding how Domain Controllers differ from
NT4.0 versus Windows 2000 networks. It's my understanding that a Backup
Domain Controller - simply makes a copy of all items in Active Directory
- users, computers, passwords, etc. and then responds to requests if the
Primary Domain Controller doesn't respond in a timely manner. Is there
anything else, other than using the setup wizard, and joining the
Forest, that I need to do in order to properly set up a Backup Domain
Controller? I would think, that going through the setup wizard, and
simply letting it run on the network, was all there was to it.
Am I missing something here? Do I need to initiate some kind of
replication process, or synchronization in order to get the BDC current
with it's information? (provided that this is even the problem?)
If anyone could offer *anything* regarding this subject, I would be
grateful, as I see it to be very important to have our BDC operational
in case our PDC ever dies.
Thanks,
Mike
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
