none
How to promote a DC

    Question

  • I have installed WS2008 and promoted it to DC.  I added another server and made it as an additional DC to the existing domain.  In case the first DC crashes, how can I promote the additional DC to be the main DC.
    Satish Menon
    Tuesday, May 24, 2011 6:24 PM

Answers

  • Hello,

    first of all make your second DC a DNS/GC server.

    Once done, you will get two DC/DNS/GC servers which will ensure the high-availability of DC/DNS services and reduce the risk of losing your domain.

    If a DC is down, you can proceed by two possible ways:

    • If it is unrecoverable or you can not wait until it will be repaired then you have to resize FSMO roles to the other DC, perform a metadata cleanup and then delete all remaining DNS records of the old DC. After that, you should never let back the DC that was down. If repaired, you have to run dcpromo /forceremoval to force its demotion before getting it online again. I'd recommend in both cases that you promote a second server to be a DC/DNS/GC server
    • If it is recoverable and you can wait until it will be repaired then don't do anything

     


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Microsoft Student Partner
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration

    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration

    Tuesday, May 24, 2011 6:48 PM
  • Hello,

    in a single forest domain make all DCs Global catalog server. To have failover option make the second DC also DNS server and configure all domain machines to use it on the NIC. This will be sufficient for logon of clients to the domain if the first installed DC i snot available for short time.

    If you have a crash and the first installed DC NEVER comes back from backup you have to move FSMOs, run metadata cleanup and some more, more details in: http://msmvps.com/blogs/mweber/archive/2010/05/16/active-directory-metadata-cleanup.aspx

    Also the time service on the new PDCEmulator must be set: http://msmvps.com/blogs/mweber/archive/2010/06/27/time-configuration-in-a-windows-domain.aspx


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    Tuesday, May 24, 2011 8:51 PM

All replies

  • Hello,

    first of all make your second DC a DNS/GC server.

    Once done, you will get two DC/DNS/GC servers which will ensure the high-availability of DC/DNS services and reduce the risk of losing your domain.

    If a DC is down, you can proceed by two possible ways:

    • If it is unrecoverable or you can not wait until it will be repaired then you have to resize FSMO roles to the other DC, perform a metadata cleanup and then delete all remaining DNS records of the old DC. After that, you should never let back the DC that was down. If repaired, you have to run dcpromo /forceremoval to force its demotion before getting it online again. I'd recommend in both cases that you promote a second server to be a DC/DNS/GC server
    • If it is recoverable and you can wait until it will be repaired then don't do anything

     


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Microsoft Student Partner
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration

    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration

    Tuesday, May 24, 2011 6:48 PM
  • Hello,

    in a single forest domain make all DCs Global catalog server. To have failover option make the second DC also DNS server and configure all domain machines to use it on the NIC. This will be sufficient for logon of clients to the domain if the first installed DC i snot available for short time.

    If you have a crash and the first installed DC NEVER comes back from backup you have to move FSMOs, run metadata cleanup and some more, more details in: http://msmvps.com/blogs/mweber/archive/2010/05/16/active-directory-metadata-cleanup.aspx

    Also the time service on the new PDCEmulator must be set: http://msmvps.com/blogs/mweber/archive/2010/06/27/time-configuration-in-a-windows-domain.aspx


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    Tuesday, May 24, 2011 8:51 PM