Replication monitor says "All is well" - so we can rule that out.
Time Sync is an interesting thing... I have it turned off on all the machines, and I use an external source to keep all the servers absolutely positively synchronized. That should be good enough right? Even know the other servers aren't getting their updates from the Primary (or First) Domain Controller, the fact that they all have the same time because of a 3rd party source should be just fine right? You did bring up a good point though. Thanks for your input, Mike -----Original Message----- From: Bourque Daniel [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 8:20 PM To: Exchange Discussions Subject: RE : Backup Domain Controller causing problems??? Time synchronisation? Only one DC in the root domain should have an external Time source. Whar is the status of the replication if you run Replication Monitor (RepMon)? -----Message d'origine----- De : Mike Anderson [mailto:[EMAIL PROTECTED] Envoy� : 25 f�vrier, 2003 20:16 � : Exchange Discussions Objet : RE: Backup Domain Controller causing problems??? Yes, I consider all those items a "given" - and verified that very early on. When inside of Active Directory Users and Computers, the Primary and Additional Domain controllers I created don't show up in the list of computers - of course, because they are domain controllers (not computers), and when you click the Domain Controllers node in the Tree, then BOTH domain controllers show up. And yes, when in the DNS Settings, all looks well. It all looks very good - every time domain controllers are mentioned (ie. Forward Lookup Zones\anderson.net\_msds\dc\_sites\Default-First-Site-Name\_tcp), both Domain Controllers are there - and in every other spot where Domain Controllers should be mentioned, both are listed. It looks like a successful implementation of the Additional Domain Controller - so I am just stumped as to why, turning the additional Domain Controller on, would cause the authentication to flake out. I will start looking at the Event Logs like a hawk, and see if there is something out of the ordinary. I will admit, that from time to time, I will get the following in the error logs on the Exchange Server: Process MAD.EXE (PID-1912). All Domain Controller Servers in use are not responding: pdc-01.anderson.net bdc-01.anderson.net PDC-01 and BDC-01 are obviously the names of my domain controllers. This message simply doesn't make sense because #1 these servers are there, plain as day on the network, and #2 the users are authenticating just fine. I have no idea why this message would be coming up. Is there anything in the Active Directory Utilities - maybe in the Administrative Tools, that can force a replication to occur - or a synchronization? Is there anything of that sort, that is directed towards troubleshooting communications specifically between Domain Controllers? I know I am rambling and shooting in the dark right now, but I am stumped... Thanks again for everything, Mike -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 6:43 PM To: Exchange Discussions Subject: RE: Backup Domain Controller causing problems??? When you go into ADUC and click on 'Domain Controllers' do you see both of your DCs there? Take a good look at your event logs - if you are having authentication errors, those should be showing up. How about when you check the zones in your domain's DNS server - are both of the DCs listed there (in various places)? Normally, just an added DC shouldn't require a lot of care & feeding. -----Original Message----- From: Mike Anderson [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 4:30 PM To: Exchange Discussions Subject: RE: Backup Domain Controller causing problems??? I am sorry about that. We are 100% 'Windows 2000 Server' - so yes - Active Directory. I know that Primary and Secondary sort of went away as far as the terminology goes... But of course, in order to establish the new Domain, I had to flag one server as the "New Forest" - and then the server that I refer to as the "Backup Domain Controller" - is simply an "Additional domain controller for an existing domain". I truly thought that was the long and short of it - so if there is addition functions to perform, would you be able to point me in the right direction? Thanks, Mike -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 6:21 PM To: Exchange Discussions Subject: RE: Backup Domain Controller causing problems??? I'm not clear on what your network is - W2K Active Directory, native or mixed? In AD there is no such thing as a BDC, they're all DCs. Is that what you built? Or is yours a BDC left over from an NT4 domain? -----Original Message----- From: Mike Anderson [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 3:55 PM To: Exchange Discussions Subject: Backup Domain Controller causing problems??? Hello, Could someone please throw some ideas my way, as to why having a Secondary Domain Controller active on the network, could mess up authentication? If I have our BDC turned on and active on the network, and our users attempt to fire up their Outlook from the outside (using Exchange RPC Server published through our ISA Server), they are unable to authenticate. However, if I turn off our BDC, then they can authenticate just fine. This is also the case from time to time, when workstations are initially turned on, and perform their initial login into the Domain. It's almost as if the BDC, is responding first to the authentication requests, and doesn't have a current copy of all the user/password information. I say that, because by turning off the BDC, everything works fine once again. This may be my ignorance - regarding how Domain Controllers differ from NT4.0 versus Windows 2000 networks. It's my understanding that a Backup Domain Controller - simply makes a copy of all items in Active Directory - users, computers, passwords, etc. and then responds to requests if the Primary Domain Controller doesn't respond in a timely manner. Is there anything else, other than using the setup wizard, and joining the Forest, that I need to do in order to properly set up a Backup Domain Controller? I would think, that going through the setup wizard, and simply letting it run on the network, was all there was to it. Am I missing something here? Do I need to initiate some kind of replication process, or synchronization in order to get the BDC current with it's information? (provided that this is even the problem?) If anyone could offer *anything* regarding this subject, I would be grateful, as I see it to be very important to have our BDC operational in case our PDC ever dies. Thanks, Mike _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
