none
Active Directory Failover

    Soru

  • I have noticed an issue in Lync where if we lose a domain controller for what ever reason we see sign in failure for some or all users.  There are two domain controllers that are both GC's and also two Lync front end servers handling authentication.

    My question is, does Lync not have the built in intelligence to direct authentication attempts to a working DC if its preferred DC is down?

    Any advice/similar experiences gratefully received!

    20 Şubat 2012 Pazartesi 15:32

Yanıtlar

  • Hi,

    If a User was onetime login it should be possible to login with the lync user if the DC failed.

    Wicht authentication do you use pre win 2000 domain\username or username@domain?

    for domain\username you will need the Dc with the PDC should be up


    regards Holger Technical Specialist UC

    20 Şubat 2012 Pazartesi 23:31
  • Hi,

    Would you tell us more information about your environment? Have you collocated DNS Server or CA with DC? Whether the domain user log on successfully? There maybe something wrong with replication or DNS record of Lync. Here are some suggestions for this issue:

    1. We need to make sure the replication has been succeeded. Please try to use DCDIAG to check it on DC.
    2. Please check if your A and SRV record of Lync Server has been set correctly on DNS Server.
    3. If there only two DC, you can useNedsutil to check if the operations masters have been transferred successfully. If not, we can seize FSMO roles to your second DC:

    http://support.microsoft.com/?id=255504

    Best Regards,

    Kent

                   

    22 Şubat 2012 Çarşamba 03:14
  • Hi,there,

    As they said,you should check you DC connection when the prefered DC is down,make sure the FSMO roles and replication status are ok since Lync will authenticate user due to the AD connection.You also can check the event viewer on Lync server and DC to get more details for troubleshooting.

    Regards,

    Sharon  


    Sharon Shen

    TechNet Community Support

    ***************************************************************************************************************************************************************************** Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial t

    22 Şubat 2012 Çarşamba 07:04
    Moderatör

Tüm Yanıtlar

  • Hi,

    If a User was onetime login it should be possible to login with the lync user if the DC failed.

    Wicht authentication do you use pre win 2000 domain\username or username@domain?

    for domain\username you will need the Dc with the PDC should be up


    regards Holger Technical Specialist UC

    20 Şubat 2012 Pazartesi 23:31
  • Hi,

    Would you tell us more information about your environment? Have you collocated DNS Server or CA with DC? Whether the domain user log on successfully? There maybe something wrong with replication or DNS record of Lync. Here are some suggestions for this issue:

    1. We need to make sure the replication has been succeeded. Please try to use DCDIAG to check it on DC.
    2. Please check if your A and SRV record of Lync Server has been set correctly on DNS Server.
    3. If there only two DC, you can useNedsutil to check if the operations masters have been transferred successfully. If not, we can seize FSMO roles to your second DC:

    http://support.microsoft.com/?id=255504

    Best Regards,

    Kent

                   

    22 Şubat 2012 Çarşamba 03:14
  • Hi,there,

    As they said,you should check you DC connection when the prefered DC is down,make sure the FSMO roles and replication status are ok since Lync will authenticate user due to the AD connection.You also can check the event viewer on Lync server and DC to get more details for troubleshooting.

    Regards,

    Sharon  


    Sharon Shen

    TechNet Community Support

    ***************************************************************************************************************************************************************************** Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial t

    22 Şubat 2012 Çarşamba 07:04
    Moderatör
  • Hi,

    Any updates here?

    If you have fixed the issue please kindly share the solution here.Thanks!

    Regards,

    Sharon


    Sharon Shen

    TechNet Community Support

    ***************************************************************************************************************************************************************************** Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial t

    28 Şubat 2012 Salı 03:17
    Moderatör