If you are one of the many companies that have Windows Server 2008, and May you have the unexpected pleasure of a domain controller is not on you. Now, if you do not know what a domain controller, then you are in for domain is only the most important computer in the Windows Server 2008 domain. But on the other hand, May you have a technician install this beast of a computer. I put this domain is the power of the server, but it may not be placed on a very strong box. What you need to do is secure it is redundant. So, what should we do if the domain controller goes down and we have another domain controller? Well, first I want to tip my hat to you. Not many companies know the importance of having more than one domain controller in your environment. Let's digress a bit. Why do you want to have multiple domain controllers? See, the domain controller is not a couple of different things. It is the role of such schemes, Domain Naming Master, RID Master, Infrastructure Master and PDC Emulator. These control the entire environment. Let's go over some definitions. Do not go to sleep on me. We will be getting the good stuff soon enough.
Schema Master
Now you ask, what is the scheme? Scheme is simply a database. If you use Excel or Access in the past then you have been exposed to the database. Now diagram consists of classes that are table and attributes which are fields. Thus, the Schema Master controls the changes to the schema. Thus, we can say that it is relatively important to the server. It only controls every record that we make in Active Directory Domain Services utility called aduc which stands for Active Directory Users and Computers. This role is on the first domain controller is added to the forest by default. There is only one Schema Master per forest. When you update the schema, which is known as an extension of the scheme, you must be in the same forest as the domain controller.
Domain Naming Master
So, what is the definition of domain? Domain is a logical grouping of computers in which the domain controller is the central repository for accounts, security and politic.Domain Naming Master is responsible for monitoring the add and delete multiple domains within the environment. This role is on the first domain controller that is added to the forest is the default. There is only one Domain Naming Master in the woods.
PDC Emulator
Remember the old operating system known as Windows NT 4.0. This was the precursor to Windows Server 2008. Well in the old days, which is really little more than 10 years, the main domain controller is known as a primary domain controller. So this is where this role comes into play. It is necessary to place the primary controller service to control time. If this puppy is not working right then you are going the whole environment will suffer. This role is on the first domain controller is added to the forest by default. Now unlike the other roles, the PDC Emulator is in every area in the woods. However, there is only one in the woods. This is one of the most important servers in the domain.
RID
Unique identifier for the database is known as the primary key. So the primary key to ensure uniqueness of the Active Directory Domain Services is the SID that is known as security controls ID.RID RID for domain.RID a relative identifier. When you run out of releases will not be able to add additional security principals, such as invoices. Here is a tip do not recover this server. If you are the server at the same time as other RID server then you will have majorly messed up the domain. This role is located in each domain in the forest, but only one in the woods.
Infrastructure Master
This is a wonderful purpose of the Infrastructure Master monitors the movement of the domain. This needs some clarification. We are not talking about Big Brother. Well, možda.Glavno the infrastructure monitors movement of an object (account) from one OU (organizational unit) to another site or domain. Now the reason I call this odd animal, because it should not be on the same server as the Global Catalog. Ok, I know that we could go over the threshold limits of the human mind. However, the Global Catalog has a copy of each attribute in the woods. This will be covered in another article. Back Infrastructure Master, this role is also located in each area and there is only one in the woods.
Zing, I know it's a lot to remember. However, it is important. Look, remember our problem domain is down. If you have only one domain controller that contains all of these roles. Hello, you can see where we are with it. Make sure you have more than one domain controller per domain. Ok, here's another topic. Replication. No it's not cloning, but domains in the forest to replicate information to each other. This is another term multi-master replication. It just means that they have the same settings as the other guys. In any case, coming to work and find that the # 1 domain controller, a little dust. Do not panic, we can fix it. Coffee break and realign their thought process.
Rescue
So, we have a pretty bad shape. Users can not login, e-mail server is down, Yada yada yada. So, here's the good stuff. How do we get our domain back up and functioning? Call me, of course. Just kidding. This article is here to instruct you on how to recover from this disaster. Before we have to use one of two tools aduc (Active Directory Users and Computers) or ntdsutil. Since the tool of tools, ntdsutil will allow us all to be done. Ok, are you ready
Recovering from disasters
1 a step. Bring to a command prompt. Type cmd in the run command prompt or access to the accessories menu under Programs on the
Step 2 Type ntdsutil at the command prompt and press Enter
Step 3 Enter a role in the ntdsutil prompt and press Enter
Step 4 Type of connection to the role of the prompt and press Enter
Step 5 Type connect to server connections Jupiter in a row and press Enter. It will be presented a message that you are connected and use the credentials of the current
Step 6 Enter to close the connection line and press Enter. This will return you to the role of the
Step 7 Type seize the Schema Master role to the prompt and press Enter. This will take the role of Schema Master and give it to Jupiter.
Step 8 Type seize Naming Master role on the line and press Enter. This will take the role of Domain Naming Master and give it to Jupiter
Step 9 Type seize PDC role on the line and press Enter. It will take the PDC emulator and give it to Jupiter
Step 10 Type seize infrastructure master roles prompt and press Enter
Now you probably say that a lot of steps. We along with the first part. What, more? Hold would be antsy to have taken only about 5 hours. Just kidding. The whole process will take about 10-20 minutes. You'll be the savior of the network. All Righty then, the next part. By the way, the steps shown may be re-ordered when it comes to not case-sensitive threads.
Cleaning time
Now, in the beginning of this article, and pointed out each of the different roles and their purpose. So we took a violent.Drugi domain controller is still offline, but still theoretically have that role. If we were to bring to a domain controller again it would be great confusion. Also, the Active Directory Domain Services does not know who to answer. Kcc (Knowledge Consistency Check) is looking for partner.Partner is no longer available. We need to clean up this mess and quickly.
Step 11 Enter to close the roles prompt and press Enter. It will take us back to the beginning.
Step 12 Type select operation target metadata to clean the line and press Enter. We identify the domain controller is destroyed.
Step 13 Enter a list of the select operation target prompt and press Enter. This will list the site in forests
Step 14 Enter # associated with web sites that toppled the domain controller is a part, and press Enter. It will choose the place that has the records for the domain controller is destroyed
Step 15 Type list servers in site select operation target to prompt and press Enter. This will be a list of domain controllers that are in the web
Step 16 Enter # linked to a domain controller is down the domain and press Enter. This will select the domain to the domain controller demolished
Step 17 Enter to close the select operation target and press Enter. This will take you back to the cleaning section of metadata
Step 18 Type remove selected server metadata cleaning prompt and press Enter. This will remove the records within the Active Directory Domain Services
Step 20 Enter to close the metadata cleaning prompt and press Enter. Takes you back to the beginning
Step 21 Place close to the ntdsutil prompt and press Enter. Closes the ntdsutil utility
Step 22 Check aduc, DNS, etc. Make sure that you can open aduc. You May have to change the focus to a domain controller.
Wow, what an ordeal. Just think, if you did not have another domain controller within the forest. Do yourself a favor and make sure that you have more than one domain controller in your environment. There is a lot more that we can teach you. But we'll leave that for another article. Right now, go get that cup of coffee, high-five your staff and relax. Your domain is back up and running. Now go change some passwords and play Halo on your desk. Oops, I did not say that. See you later.
