0

Assume the following situation: A domain with one Windows 2008 DC (DC1), having on it DNS, DHCP, some file shares and some printers installed.

The question is the following: How can i setup a second DC in such a way that if the first one is temporarily down, a user can login to DC2 and have full access to all file shares and printers?

To be more specific, i have setup a second DC (DC2, added as Global Catalog) and activated DFS in order to keep all the files synchronized between the two DCs. I have also setup DNS on it and have set in "Forwarders" the DNS servers of my provider (as in DC1). The actual questions are:

  1. Do i need to setup DHCP in DC2? If so, should it be setup in exactly the same way as in DC1 (with perhaps rearranging the DNS server order in order to have DC2 as the first DNS server)?

  2. I have set some drive mappings and printers through AD Policies. All of them point to DC1. What would be a good way for both drives and printers to point to the actual DC the user has logged on to? If done so, would that mean that the users will have two copies of the printers installed on their PCS (one pointing to DC1 and one to DC2)?

  3. When DC1 comes back online again, what would be the best way to manage the situation at hand? I ask that because at that point the server with the most recent copy of the files would be DC2 but the master server is DC1. Should all users logout, wait for the replication to transfer all files and login 5-10 minutes later to make use everything is OK and even if this is done, how can i be sure that when the users re-login, they will login to DC1 and not DC2?

Warner
  • 23,756
  • 2
  • 59
  • 69
Wanderer
  • 3
  • 2

2 Answers2

0

DHCP redundancy in terms of failover requires you to have clustering setup and setting up a cluster resource to the volume in which this data is replicated which would also require the hardware requirements of external storage. There is a TechNet article on this available here http://technet.microsoft.com/en-us/library/dd296696(WS.10).aspx

The solution would be a split scope as also referenced on TechNet here, http://technet.microsoft.com/en-us/library/dd296651(WS.10).aspx and that means your on the right track with item #1 setting up DHCP in DC2.

Failover Print services would also operate the same way as DHCP in a clustering manner, so the software fix would be to add the printers twice to both servers and twice to both workstations as seperate devices.

When DC1 comes back online make sure DFS is working and allow to replicate before anything else, afterwards default printers should be used again which are mapped to DC1, DHCP can be stopped on DC1.

Nick O'Neil
  • 1,771
  • 11
  • 10
  • 3
    I respectfully beg to differ on DHCP clustering. It's not neccessary as far as I'm concerned and more complex than most situations warrant due to the technical requirements needed for clustering. Your second DHCP recommendation of configuring a split scope would suffice as long as each scope has enough addresses to service all of the clients in the event that one of the DC's are unavailable. – joeqwerty Oct 20 '10 at 14:20
  • I'm with Joeqwerty - just divide your address space evenly between the DHCP servers. – Simon Catlin Oct 20 '10 at 18:39
  • Split scope it is then. Seems simpler. But: 1. I should probably rearrange the DNS server order on DC2's DHCP in order to have DC2 as the first DNS server, right? 2. If both servers are up, when a new client is connected to the network, will it always be "served" by DHCP1 or randomly by any of the DHCPs? – Wanderer Oct 22 '10 at 14:35
0

If you are using a domain DFS root, with replication, you can let DFS "worry" about accessing the files.

As for the DCs themselves, you may need to "seize" the PDC emulator role in the event of a server failure. The other FSMOs can sustain a short to medium outage.

Simon Catlin
  • 5,232
  • 3
  • 17
  • 20
  • What do you mean "If you are using a domain DFS root, with replication, you can let DFS "worry" about accessing the files"? Let's say a user opens an Excel file from DC1 and another one tries to open the same file (its replica) from DC2. Will the 2nd user be notified that the file is already open? Also, isn't there a chance the first user makes some changes in this file and closes it and the second user opens its replica before DFS has a chance of updating it? – Wanderer Oct 22 '10 at 14:29
  • Of course... last write wins. OK, ignore that. I use a replicated domain DFS for resillience, but the "authors" of the share access it via a non-DFS share (just below the DFS share). The "consumers" of the data use the DFS share. Apologies for the misguidance. – Simon Catlin Oct 22 '10 at 18:48