2

I recently added a 2008 server to an existing 2003 domain. The 08 machine is DC and global catalog. However, it seems like (and makes sense that) when I make changes to policy on the 08 machine, it is propogating to the 03 machine and the clients after gpupdate report that the policy is coming from the 03 machine. This leads me to believe that there is something else that is defining the 03 machine as the master...

I would like the 08 machine to be the primary and 03 to be the backup. Is there a procedure I need to follow to make this happen? What are the caveats (if any)? And are there any features of 08 that I should look into taking advantage of?

Thanks,

stormdrain
  • 1,439
  • 7
  • 28
  • 52
  • Check the NTDS Settings for your 2003 server In Active Directory Sites and Services. Is that set to a global catalog also? – Nixphoe May 26 '11 at 15:38
  • 1
    all DCs are DCs there is no difference as far as the client is concerned. – Jim B May 26 '11 at 15:54

1 Answers1

4

There are no "primary" or "secondary" domain controllers in Active Directory.

You shouldn't really be worried about which server is performing authentication or suppling Group Policy to clients. The servers are equal replicas so the functionality is the same. You could tweak preference values on the SRV RR's for the DC's in DNS if you really wanted to, but you'd need a compelling reason to do so.

Why do you care which machine clients are using for Group Policy refresh?

Evan Anderson
  • 141,881
  • 20
  • 196
  • 331
  • Thanks. I don't really care, but I'm trying to get policies to propagate to the client which doesn't seem to be happening. I wasn't clear until I read your answer whether or not there was a master/slave type thing and thought maybe because I was making changes on the new primary DC those changes weren't propagating... Now I know the issue is somewhere else. – stormdrain May 26 '11 at 18:25
  • 1
    Nigh 9 out of 10 Group Policy application problems I've helped out with end up being DNS issues. The client's event log wants to help you, as does 'gpresult' and RSoP. – Evan Anderson May 27 '11 at 02:09