STMS Backup Domain Controller.

Similar Messages

• Problematic issues in installing backup domain controller on Virtual Machine

  Hello,<o:p></o:p>
  I have a physical domain controller - windows Server 2012 R2 Standard installed
  in my domain environment and this is a first root domain controller.
  I have also Hyper-V Server 2012 R2 installed and joined in that domain. 
  Now I want to install an additional (Backup) domain controller as a virtual
  machine hosted on Hyper-V Server. So while promoting VM as a DC all actions and
  steps go well but the problem arise when I press the install button at the end
  of the promotion - installation gets stuck in the process of writing some
  configuration files on first DC and also in the process of replication. Unfortunately
  VM does not promote as a DC and it goes to restart.
  The error event log with - NETLOGON source is logged on the virtual machine as
  well.
  Do you have some suggestions with this issue, or experience how to resolve this..
  Thanks a lot in advance,
  GMG
  <o:p></o:p>

  Now I want to install an additional (Backup) domain controller
  There is no backup DC. All DCs are RW except RODCs.
  I would recommend first checking the health status of the existing DC using
  dcdiag command. Also, please check the IP settings in use: Please make sure that the existing DC has its primary IP address in use and that public DNS servers are set as forwarders and not in IP settings of the DC. For the new DC, please make sure
  that it points to the existing DC as primary DNS server and once promoted you can see the recommendations here to update the configuration: http://social.technet.microsoft.com/wiki/contents/articles/18513.active-directory-replication-issues-basic-troubleshooting-steps-single-ad-domain-in-a-single-ad-forest.aspx
  Please also disable temporary all security software in use on the DCs and make sure that needed ports for AD replication and authentication are not blocked or filtered between the DCs.
  This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
  Get Active Directory User Last Logon
  Create an Active Directory test domain similar to the production one
  Management of test accounts in an Active Directory production domain - Part I
  Management of test accounts in an Active Directory production domain - Part II
  Management of test accounts in an Active Directory production domain - Part III
  Reset Active Directory user password

• Can't make a Backup Domain Controller

  I have one Open Directory Master and three replicas. The Master is also set to be the Windows Primary Domain Controller. But none of the replicas can join the domain or join as the Backup Domain Controller.
  When I search the logs on the Master, I see:
  could not find new user/computer luca$ in passdb
  luca (a replica) is in Workgroup Manager. I even added a Kerberos entry for it.
  Any help is greatly appreciated.

  Solved my own problem...
  Turns out that some users on the network took it upon themselves to join a Workgroup with the same name as our Domain. Samba doesn't seem to like that at all. So make sure your workgroup names are never the same as your domain names.

• JCIFS NTLM - giving backup domain controller in web.xml

  Hi All,
  We are using JCIFS NTLM authentication, for which we've configured the filter in web.xml like this
  ... other code ...
  <filter>
      <filter-name>NtlmHttpFilter</filter-name>
      <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
      <init-param>
          <param-name>jcifs.http.domainController</param-name>
          <param-value>SERVER1</param-value>
      </init-param>
      ..... other code .....the above code specifies a single domain controller SERVER1 for the NTLM authentication. Suppose, I want to give one more server also (i.e. when the SERVER1 down, NTLM should check my backup server SERVER2), how do I give it in the above code? Is it like <param-value>SERVER1, SERVER 2</param-value> ?
  Thanks in advance.

  I am facing the same exact problem.
  <filter>
            <filter-name>NtlmHttpFilter</filter-name>
            <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
            <init-param>
                 <param-name>jcifs.http.domainController</param-name>
                 <param-value>corg0dc02</param-value>
            </init-param>
  </filter>
      <filter-mapping>
           <filter-name>NtlmHttpFilter</filter-name>
           <url-pattern>/*</url-pattern>
      </filter-mapping>
     Is it possible to use EL or equivalent instead of hard-coding the param-value? Is this allowed in the Servlet spec?
  I would like to read the param-value from a properties file or DB table if possible.
  Edited by: asookazian on May 21, 2009 10:34 PM

• Os 10.5.6 OD replica will not create SMB backup domain controller

  Hi,
  Apologies if this is a redundant posting. I have two xserves both w/ os 10.5.6. One is the OD master and SMB PDC. The other is an OD replica w/ SMB turned on as a standalone server. I'd like to promote this to the BDC, but trying to do so w/ server admin fails consistently.
  OD replication works fine, and I've confirmed the diradmin account's information is correct. Is there anything that I'm failing to take into account?
  here's is one log entry that looks suspect:
  "Loadlmhostsfile: Can't open lmhosts file /private/etc/lmhosts. Error was No such file or directory"
  I can provide smb.conf and other logs if anyone wants, but the config is pretty much all defaults. Thanks for any advice.
  -SB

  This is typically an issue with OD Master. You typically have to demote the PDC to stand alone and then bring the OD Master to stand alone as well and start the process over. Instead of that there is a command you can try, although I haven't and see how it works.
  sudo mkpassdb -kerberize
  Before doing that make sure hostname and sudo changeip -checkhostname all return good things. Don not forget this as well:
  scutil --get HostName
  dscl /LDAPv3/127.0.0.1 -read /Config/KerberosKDC > KerberosKDC.out; cat KerberosKDC.out
  In either even always make sure you have a good backup of the server and ODM before doing anything.

• Refreshing the DEV system, which is our domain controller

  Hi,
  We refreshed our DEV system, which is our domain controller. How to get back our STMS configuration in the domain controller ? Can I run se06 in our proudction system to delete the TMS and then running STMS in production to create the TMS. Then approving that in the domain controller. Is there any other way to restore the configuration ?
  Thanks
  Rabi

  You could always specify a backup domain controller before you start.

• Rebuilding Domain controller & Transport Routes after system refresh

  I have refreshed Dev from Prdn, now my domain controller only shows single system
  I have documentation but, it is confusing to me how to have QAS and Prdn join the domain controller again and show the domain as a three tier system
  When I log into QAS and Prdn I still see the old 3 tier system including the domain and the other systems.
  Please advise
  maria
  Edited by: Maria Graziano on Mar 27, 2008 3:53 PM

  You don't perform backup of domain controller.
  You only designate in STMS one of servers as "Backup Domain Controller"
  when Primary  controller fails than "Backup domain Controller" takes his role and becomes a primary.
  So action to refresh domain controller is:
  1. Designate one of servers as backup domain controller
  2. Backup transport directory if it is on refreshed server (just in case)
  3. Switch backup controller to become primary
  4. Refresh primary system
  5. Join refreshed system to domain
  6. Switch back primary function to refreshed server
  Regards,
  Wojtek

• Change Domain Controller

  Hello Experts,
  Currently we have DEV system as our domain controller with no backup domain controller, now we want to configure PRD as Domain controller & DEV as backup doamin controller.
  I found that there are 2 ways of doing so:
  1. Make PRD as BDC & activate it, then point TRANSDIR & DIR_TRANS to PRD trans directory
      Issue: Domain name, group name & profile name will still be the same
  2. Delete STMS configuration & reconfigure from start (PRD as DC & DEV as BDC). Set transport directory path in instance profiles
  So we decide to go with approach 2 (delete & reconfigure everything).
  Need your feedback on both the approaches.
  Is there any way to take backup of all STMS configuration (or atleast Routes) & restore it.
  Regards,
  Rajneesh

  Dear All,
  We have successfully done the migration of Domain controller fron DEV (Standalone) to PRD (High availabiltiy). Few points to
  remember:
  1. No need to delete & create routes before / after the activity. It maintains the version.
  2. need to run report TMS_MGR_LOADBALANCING after configure PRD as DC to make it high available.
  Regards,
  Rajneesh

• Installing a Windows 2012 Domain Controller into a 2000/2003 domain with Exchange 2003

  Hello,
      I have a client that we are planning to migrate to 2012 over time.  They currently have a Windows 200 DC and 2 member servers running Windows 2003, one of which is running Exchange 2003.
      We first are going to introduce a 2012 server into the domain and my plan was to DCPromo the 2003 server that isn't running Exchange and raise domain level to 2003 and then demote the 2000 server.  I was then going to install the
  2012 server into the domain and make it a backup Domain Controller for the time being and leave the newly promoted Windows 2003 server as the primary Domain Controller with all the roles and global catalog.  My question is will Exchange 2003 still function
  normally in this scenario?
     I've been doing research and read some things about Exchange 2003 not working with 2012 Domain Controllers, but I was thinking if the 2003 is still the primary, it might work.  We will eventually migrate to 2003, they just don't want to
  do it all at once, due to costs and other issues.
  Thanks.

  I didn't ask if it was supported, I just wanted to know if Exchange 2003 would continue
  to function if the Windows 2003 DC still held all the FSMO roles and Global Catalog.
  A not supported situation means that it is a situation where Microsoft made no testing or do not guarantee that you can operate with no problems. Following a not supported scenario could be done but is on your own risk.
  If it won't, can the 2012 server be a member server in the 2003 AD?  The 2000
  DC it is replacing, just shares files on the network in addition to being the lone AD server
  Yes, it can be a member server.
  This posting is provided AS IS with no warranties or guarantees , and confers no rights.
  Ahmed MALEK
  My Website Link
  My Linkedin Profile
  My MVP Profile

• Windows Server Primary & Secondary Domain Controller Question

  lulzchicken wrote:
  Right now the DHCP is assigning 192.168.200.1 (DNS server) and 8.8.8.8 (Google's DNS) as DNS servers for each client. I don't necessarilly want to change these assignment settings,Yes, you do. This is absolutely the worst thing you can ever do with DNS. More details why here -> Ramblings of a Sysadmin: How to do DNS correctly
  Primary and secondary DNS should ALWAYS be internal.
  Your DNS Servers should use FORWARDERS go go out to google. That's the only place that should see google DNS servers in your environment.

  Hi everyone, thank you for taking the time to listen.
  I have successfully implemented an Active Directory setup using a Primary DC and a Secondary DC with Windows Server 2012 R2.
  EL1 is my PDC and EL2 is my BDC.
  Active Directory is in sync among the two Domain Controllers. Here is my question:
  If I were to have a policy (Group Policy) that sets the wallpaper of each client machine to whatever is in the "\\EL1\Wallpaper\wp.jpg" - what would happen if I were to have that Domain Controller fail? That directory is no longer available due to the outage - even though the Backup Domain Controller will still be pushing out the policy (pointing to the down server).
  My idea was to have that directory replicated on the Backup Domain Controller, "\\EL2\Wallpaper\wp.jpg" however - the policy will still be looking for the file in the Primary Domain...
  This topic first appeared in the Spiceworks Community

• 2012 Essentials and Backup Domain Controllers

  I understand that 2012 Essentials wants to be the domain controller but what happens if I install a second one on the same network/what is the option for a backup domain controller? Is it recommended to have one 2012E and one 2012S?

  As far as I can find you can have a second "replica" domain controller, but you can only have one essentials box in the domain (so the replica would just be Windows Server standard), and that must be the master server, eg it must own the FSMO roles.
  Check out
  http://blogs.technet.com/b/sbs/archive/2007/10/04/debunking-the-myth-about-additional-domain-controllers-replica-dcs-in-an-sbs-domain.aspx which covers many of the limitations and requirements. It doesn't relate to 2012, but I believe the same rules still
  apply.

• Domain controller backup and recovery

  We have  5 DCS 3 in one location and other 2 in another location
  Considering the first location with 3 dcs, we have baremetal backup (windows server backup) configured for all 3 dcs
  What will be the best way to restore/recover if one of the dc fails, does normal restore wouldnt give any errors?
  Amal RS

  Hi,
  If you use AD integrated DNS zones, then System State backup contains the DNS data, your DNS data will get backed up along with your AD. If you run a DHCP server backup from the DHCP management console this is independent from the date, you are just to restore
  the one you need.
  DNS, DHCP backup and restore
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/094ad3b2-1411-4b14-a729-b4f83f45bbec/dns-dhcp-backup-and-restore
  Domain Controller Recovery
  http://technet.microsoft.com/en-us/library/cc535164.aspx
  Regards,
  Mandy
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Domain Controller System State backup script *not working*

  Hello I am trying to get an automated backup for my domain controller to a network share using a script and windows task scheduler - our domain controller is windows server 2008r2
  this is the code for the script i have written as seen below, however when i run the scrip it does create the folder on the network share but fails to initiate the system state backup power shell returns this error when i run the script.
  any suggestions on what i can do to resolve this issue? i am also rather new to powershell so there many be a much easier way of going about it.
  many thanks
  Gordon
  wbadmin 1.0 - Backup command-line tool
  (C) Copyright 2004 Microsoft Corp.
  ERROR - One of the parameters or options specified is invalid: [quiet].
  See the syntax below.
  Syntax: WBADMIN START SYSTEMSTATEBACKUP
  -backupTarget:<VolumeName>
  [-quiet]
  Description: Creates a system state backup of the local computer and stores
  it on the location specified.
  To use this command, you must be a member of the Backup Operators group
  or Administrators group.
  Parameters:
  -backupTarget Specifies the location where you want to store the backup.
  The storage location requires a drive letter or a GUID-based
  volume of the format: \\?\Volume{GUID}.
  -quiet Runs the command with no prompts to the user.
  Example:
  WBADMIN START SYSTEMSTATEBACKUP -backupTarget:f:
  #adds windows server backup powershell snapin
  Add-Pssnapin windows.serverbackup
  #gets date
  $date = Get-Date -Format dd.MM.yyyy
  #declares backup location and adds date
  $backdir = ("\\backupserver\bpdbackups\DC\$date")
  #makes backup directory on network share
  mkdir $backdir | out-null
  #runs system statebackup
  wbadmin start systemstatebackup -backupTarget:$backdir -[quiet]
  #sends and email at the nd of the process
  $smtp = "192.168.xxx.xxx"
  $from = "Domain Controller <[email protected]>"
  $to = "Network Admin <[email protected]>"
  $body = "The backup operation has been successfully done! Date: $date"
  $subject = "Backup on $date"
  #Send an Email to User
  send-MailMessage -SmtpServer $smtp -From $from -To $to -Subject $subject -Body $body - BodyAsHtml
  write-host "Backup Successful"

  wbadmin start systemstatebackup -backupTarget:$backdir -[quiet]"[quiet]"? I guess you should remove the bracketswbadmin start systemstatebackup -backupTarget:$backdir -quiet

• Server 2008 Hyper-V Failover Cluster Error on Domain Controller Reboot

  I am pretty new to Hyper-V virtual but I have 2 Hyper-V Clusters, each with 2 Nodes and a SAN, 1 Physical Domain Controller for failover cluster management and 1 virtual domain controller as backup.  All is running well, no issues.  I installed
  windows updates on the physical DC and upon reboot, got an error 5120 on cluster 2 that says "Cluster Shared Volume 'Volume1' ('Cluster Disk 1') is no longer available on this node because of 'STATUS_CONNECTION_DISCONNECTED(c000020c)'.  All I/O will
  temporarily be queued until a path to the volume is reestablished.  It pointed to the 2nd node in that cluster as being the issue but when I look at it, it is online and all healthy so I don't understand why the error was triggered and if the DC would
  go down for a failure, would that node not be able to access the CSV permanently.
  Appreciate any help anyone can provide.

  Hi mtnbikediver,
  In theory, if you has the correct configuration of cluster the DC restart will not cause the CSV down, does your shared storage installed on your DC? Did you run
  the cluster validation before you install the cluster? We strongly recommend you run the cluster validation before you build the cluster, same time please install the recommend update of 2008 cluster first.
  Recommended hotfixes for Windows Server 2008-based server clusters
  http://support.microsoft.com/kb/957311
  I found a similar scenario issue the DC restart will effect the cluster network name resource offline, but it is for 2008R2.
  Cluster network name resource cannot be brought online when one of the domain controllers is partly down in Windows Server 2008 R2
  http://support2.microsoft.com/?id=2860142
  I’m glad to be of help to you!
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Hyper-V host fails with "RPC Server unavailable" error when I try to promote Windows Server in virtual machine to a domain controller

  Host: Windows Server 2012 R2 with Hyper-V and RRAS (for Internet over NAT)
  VM: Windows Server 2012 R2 with installed Active Directory Domain Services
  When I open AD DS configuration window (“promote this server to a domain controller”) many services and programs on my host (include Hyper-V, RRAS & Server Manager) fails with RPC Server unavailable error.

  Hello Aleksandr,
  There wasn't any configuration information, ipconfig /all, network setup, etc. So it's difficult to tell.
  More importantly, are you trying to promote the host server? If yes, that is not advised, for one, because it's a Hyper-V server, (not suggested at all), and two, RRAS is installed. RRAS is problematic with any domain controller because it turns it into
  a multihomed domain controller.
  Active Directory communication fails on multihomed domain controllers
  http://support.microsoft.com/kb/272294/
  Multihomed DCs (with more than one unteamed NIC or multiple IPs) with DNS, RRAS, iSCSI, Clustering interfaces, management interfaces, backup interfaces, and/or PPPoE adapters - A multihomed DC is not a recommended configuration, however there are ways to
  configure a DC with registry mods:
  http://blogs.msmvps.com/acefekay/2009/08/17/multihomed-dcs-with-dns-rras-and-or-pppoe-adapters/
  7 Reasons not to Make Hyper-V a Domain Controller
  http://www.altaro.com/hyper-v/reasons-not-to-make-hyper-v-a-domain-controller/
  Domain Controller as Hyper-V host
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/4ff14bec-a815-473b-8d2a-33e91e17197b/domain-controller-as-hyperv-host?forum=winserverhyperv
  Networking?
  I don't know how your networking is setup, whether there are multiple NICs on the host server, if they are teamed, if you have the host interface set to allow the operating system to share administration, or if there are separate interfaces for each. Can
  the host OS ping/communicate with the DC virtual machine?
  If there are more than one NIC, you have the choice to team the NICs and share the Teamed NICs for the Hyper-V OS and the VMs, or keep them separate where one is devoted for the Hyper-V OS, and one for the VMs.
  Hyper-V Server VLAN Network Configuration
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/0aa71d2a-ebf9-4a3e-bbf5-94db55339fa2/hyperv-server-vlan-network-configuration?forum=winserverhyperv 
  Recommendation:
  Why not just create another VM DC?
  Ace Fekay
  MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
  Microsoft Certified Trainer
  Microsoft MVP - Directory Services
  Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
  This posting is provided AS-IS with no warranties or guarantees and confers no rights.