Users are unable to login if one of the domain servers is down


  • Hi

    I have a windows server 2008 domain with 2 Domain controllers.

    Server 1 has Schema,Naming Master, PDC, RID  & Infrastructure Roles.

    Server 2 had Global catalog.

    I never tested it the other way , server 1 is down and server 2 is up.

    If server 2 does not boot then the domain users are unable to login to the domain.

    How can I fix it?




    Thursday, January 12, 2017 6:52 AM

All replies

  • Hello,

    How is the DNS configured on your user workstations? Are they pointing to both DCs for DNS resolution or only at one of them?


    Thursday, January 12, 2017 8:04 AM
  • Hi,

    workstations look up domain controller for your domain in two ways : 1) DNS; 2) NETBIOS
    It is looks like when server2 is offline, users cannot get correct dns response.
    What is your client's DNS configuration? 
    If both controllers acts as DNS, please check that they both are listed in workstation's DNS configuration.

    Thursday, January 12, 2017 8:09 AM
  • Hi

    All the work stations are pointing to both of the domain servers.

    Net BIOS points to  Server 1 .

    Just to point out only server 2 was configured as Global Catalog.

    Could this be the problem ?



    Thursday, January 12, 2017 8:13 AM
  • Could you check that server1 has been successfully registered in DNS to advertise itself as an available DC?
    dcdiag /test:registerindns /dnsdomain:FQDN /v
    Thursday, January 12, 2017 8:33 AM
  • Hi

    Thanks for the quick reply

    this is the result :

    DNS configuration is sufficient to allow this domain controller to dynamically register the domain controller Locator records in DNS.

    The DNS configuration is sufficient to allow this computer to dynamically register the A record corresponding to its DNS

    ......................... SERVER1 passed test RegisterInDNS     




    Thursday, January 12, 2017 8:56 AM
  • How many domains do you have in your forest?
    Access to a global catalog server is a requirement for authentication in a multidomain forest

    • Edited by BearEater Thursday, January 12, 2017 10:07 AM
    Thursday, January 12, 2017 9:50 AM
  • Hi

    I have a 1 main domain and 1 sub domain.

    Server 1 & 2 are the dc's of the main domain and sub-server 3 is the domain controller for the sub-domain.

    all the users belong to the main domain.



    Thursday, January 12, 2017 10:29 AM
  • At least one global catalog should be available in multi domain forest, otherwise users couldn't logon.
    GC is required for logon due to universal group membership (user can be a member of group in another domain, but without accessible GC , DC cannot enumerate all user's groups ) and UPN suffix (you can set UPN different from domain's name, UPN is resolved in global catalog of the user's forest )
    The only solution is to enable GC on other servers.
    Thursday, January 12, 2017 10:48 AM
  • Hi


    After reading some on the net I have marked Server 1 as a GC.
    I did this before but i wad confused by warning message.

    I did it now read the message and marked the server as GC.

    I will test it later on.



    Thursday, January 12, 2017 10:52 AM
  • Hi

     First server1 should be the prefered dc and server2 should be the alternate on client computers from dns settings.Also if you have Dhcp check this config from there.

    Otherwise you should check the DC's health,replication,dns health etc.

    run "dcdiag","repadmin /replsum" on both dc then check for any error log's.

    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Thursday, January 12, 2017 12:04 PM
  • Hi,

    I am checking how the issue going, if you still have any questions, please feel free to contact us.

    And if the replies as above are helpful, we would appreciate you to mark them as answers, and if you resolve it using your own solution, please share your experience and solution here. It will be greatly helpful to others who have the same question.

    Appreciate for your feedback.

    Best regards,


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact

    Monday, January 16, 2017 8:55 AM