Domain controller question

elewis521 · Jul 12, 2017

Hello!

I currently have a server running windows server 2003 that is our domain controller active directory.
I am wanting to have a fail over domain controller in the event of a system failure. The server for the fail over has windows server 2008 r2 installed. Would I be able to set up the 2008r2 machine to take over if the 2003 machine fails? If so what is the easiest method to achieve this?

Thanks!

Alabalcho · Jul 12, 2017

Install AD role on 2008. Add it as domain controller into AD served by 2003.

And you know that 2003 is long out of support from Microsoft, and 2008 mainstream support is over as well.

elewis521 · Jul 12, 2017

I am aware that the two are out of support. Unfortunately it's all I have to work with at the moment. Any other steps or links to look at?

Alabalcho · Jul 12, 2017

http://www.sysadmintutorials.com/tutorials/microsoft/windows-2008-r2/how-to-setup-a-windows-2008-r2-domain-controller/
But instead of adding to a new forest, you go with existing AD

elewis521 · Aug 1, 2017

After this I would type in the domain name i am wanting to add it to or would I give the failover domain its own name?

elewis521 · Aug 1, 2017

Okay I figured the last issue out. Now I am getting an error on the failover 2008 machine that says "You will not be able to install a writable replica domain controller at this time because the RID master is offline." I went to the main DC that is running 2003 and I looked into Operation masters and it says ERROR. What do I need to do next?

Update...

While looking through the active directory users and computers on my 2003 machine I have noticed that under the domain controller folder that there are two domain controllers listed. I am guess that the Operation Master roles are connected to this other "domain controller"?

androbourne · Aug 1, 2017

Well there is a few things.

I'm assuming that server has DNS role as well. You are going to want that to failover also?

Also when you install AD on the new 2008 server. You have to make sure the domain and forest functional level are set to 2003. Not 2008.

As for operation masters. Don't touch those unless you want to set 2008 as your default AD. If you are keeping 2003 as your default AD server. Leave it as is.

You can open CMD and perform a netdom query fsmo to see where all the roles currently resides.

elewis521 · Aug 2, 2017

androbourne :

When using the netdom query fsmo it is saying "Security context is invalid the command failed to complete successfully."

androbourne · Aug 2, 2017

Make sure there is no typos. That appears to be the offical Semtex. I've use it many times.

https://social.technet.microsoft.com/Forums/windowsserver/en-US/67f2c739-aeaa-4b21-99fb-0c2f6c2ecafd/query-in-cmd-for-fsmo-roles?forum=winserverDS

You may also try it in powershell.

Search

Domain controller question

elewis521

Honorable

androbourne

Alabalcho

Titan

elewis521

Honorable

Alabalcho

Titan

elewis521

Honorable

elewis521

Honorable

androbourne

Honorable

elewis521

Honorable

androbourne

Honorable

TRENDING THREADS

Latest posts

Moderators online

Share this page