none
Active Directory Failover

    Dotaz

  • I have noticed an issue in Lync where if we lose a domain controller for what ever reason we see sign in failure for some or all users.  There are two domain controllers that are both GC's and also two Lync front end servers handling authentication.

    My question is, does Lync not have the built in intelligence to direct authentication attempts to a working DC if its preferred DC is down?

    Any advice/similar experiences gratefully received!

    20. února 2012 15:32

Odpovědi

  • Hi,

    If a User was onetime login it should be possible to login with the lync user if the DC failed.

    Wicht authentication do you use pre win 2000 domain\username or username@domain?

    for domain\username you will need the Dc with the PDC should be up


    regards Holger Technical Specialist UC

    20. února 2012 23:31
  • Hi,

    Would you tell us more information about your environment? Have you collocated DNS Server or CA with DC? Whether the domain user log on successfully? There maybe something wrong with replication or DNS record of Lync. Here are some suggestions for this issue:

    1. We need to make sure the replication has been succeeded. Please try to use DCDIAG to check it on DC.
    2. Please check if your A and SRV record of Lync Server has been set correctly on DNS Server.
    3. If there only two DC, you can useNedsutil to check if the operations masters have been transferred successfully. If not, we can seize FSMO roles to your second DC:

    http://support.microsoft.com/?id=255504

    Best Regards,

    Kent

                   

    22. února 2012 3:14
  • Hi,there,

    As they said,you should check you DC connection when the prefered DC is down,make sure the FSMO roles and replication status are ok since Lync will authenticate user due to the AD connection.You also can check the event viewer on Lync server and DC to get more details for troubleshooting.

    Regards,

    Sharon  


    Sharon Shen

    TechNet Community Support

    ***************************************************************************************************************************************************************************** Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial t

    22. února 2012 7:04
    Moderátor

Všechny reakce

  • Hi,

    If a User was onetime login it should be possible to login with the lync user if the DC failed.

    Wicht authentication do you use pre win 2000 domain\username or username@domain?

    for domain\username you will need the Dc with the PDC should be up


    regards Holger Technical Specialist UC

    20. února 2012 23:31
  • Hi,

    Would you tell us more information about your environment? Have you collocated DNS Server or CA with DC? Whether the domain user log on successfully? There maybe something wrong with replication or DNS record of Lync. Here are some suggestions for this issue:

    1. We need to make sure the replication has been succeeded. Please try to use DCDIAG to check it on DC.
    2. Please check if your A and SRV record of Lync Server has been set correctly on DNS Server.
    3. If there only two DC, you can useNedsutil to check if the operations masters have been transferred successfully. If not, we can seize FSMO roles to your second DC:

    http://support.microsoft.com/?id=255504

    Best Regards,

    Kent

                   

    22. února 2012 3:14
  • Hi,there,

    As they said,you should check you DC connection when the prefered DC is down,make sure the FSMO roles and replication status are ok since Lync will authenticate user due to the AD connection.You also can check the event viewer on Lync server and DC to get more details for troubleshooting.

    Regards,

    Sharon  


    Sharon Shen

    TechNet Community Support

    ***************************************************************************************************************************************************************************** Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial t

    22. února 2012 7:04
    Moderátor
  • Hi,

    Any updates here?

    If you have fixed the issue please kindly share the solution here.Thanks!

    Regards,

    Sharon


    Sharon Shen

    TechNet Community Support

    ***************************************************************************************************************************************************************************** Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial t

    28. února 2012 3:17
    Moderátor