Jun 1, 2012
tom

Domain name UNC path is inaccessible if one domain controller goes down

Question

I have two domain controllers set up something like this:

ServerA.mydomain.local: 10.10.10.2 (Windows Server 2008)
ServerB.mydomain.local: 10.10.10.3 (Windows Server 2008 R2)

For login scripts and the like, I use the path: \\mydomain.local\netlogon

This seems to always default to ServerB. If I turn off or restart ServerB (a process which takes several minutes), attempting to visit \\mydomain.local does not flip to ServerA. If I ping mydomain.local, it always returns the IP address of ServerB, even when it has been turned off.

I thought this was supposed to be a round-robin system.

Why am I seeing this behavior, and how can I fix it?

Asked by Force Flow

Answer

There’s not really enough information here to answer your question, but hopefully some of this can give you a better understanding of how Active Directory functions and maybe you’ll be pointed on the right path.

For login scripts and the like, I use the path: \\mydomain.local\netlogon

mydomain.local is a DNS zone that lives on the DNS servers for your Active Directory. By default, new domain controllers register A records for themselves in this zone and they also register A records for the zone name itself as their IP. The records should be in the mydomain.local zone and look like this:

(Same as parent folder) Host(A) 10.10.10.2 <timestamp>
(Same as parent folder) Host(A) 10.10.10.3 <timestamp>

If you do nslookup mydomain.local, the DNS server should return a list of all domain controllers. If not, you’re missing an A record at the very least.

If one of those is missing, you should re-create it manually and do some root-cause analysis to find why it’s missing. When a client tries to look up \\mydomain.local in this case, it is doing it by the A record.

You should also check the _msdcs zone and make sure that both servers are listed there where they should be. If you can log on while serverB is offline, then this zone is likely OK.

You should use dcdiag.exe just to make sure that both domain controllers are in fact healthy and functioning properly.


Also, if you’re not running DNS on both DCs, you should, and your clients should use both servers for DNS. Also, the DCs should use each other as the primary server for name resolution and themselves as secondaries to prevent replication issues.

Answered by MDMarra
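
The checks the answer describes can be run together as one audit. The script below is an added example, not part of the original answer. It uses the domain name and addresses from the question, and it assumes a domain-joined machine running Windows 8 / Server 2012 or later, where Resolve-DnsName and Test-NetConnection are available:

```powershell
# Added example: audit the DNS records and SMB reachability discussed above.
# Names and addresses are the ones given in the question; change them for your domain.
$Domain      = 'mydomain.local'
$ExpectedDCs = @{
    'ServerA.mydomain.local' = '10.10.10.2'
    'ServerB.mydomain.local' = '10.10.10.3'
}

# 1. A records at the zone apex ("Same as parent folder").
#    These are what \\mydomain.local and "ping mydomain.local" resolve to.
$apex = @(Resolve-DnsName -Name $Domain -Type A -DnsOnly -ErrorAction SilentlyContinue |
    Where-Object { $_.Type -eq 'A' } |
    Select-Object -ExpandProperty IPAddress)

# 2. SRV records in the _msdcs zone, which list the domain controllers.
$srv = @(Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -DnsOnly -ErrorAction SilentlyContinue |
    Where-Object { $_.Type -eq 'SRV' } |
    ForEach-Object { $_.NameTarget.TrimEnd('.') })

# 3. Per-DC report: is each record present, and does the server answer on SMB (TCP 445)?
$report = foreach ($dc in $ExpectedDCs.GetEnumerator()) {
    $smbUp = Test-NetConnection -ComputerName $dc.Value -Port 445 `
        -InformationLevel Quiet -WarningAction SilentlyContinue
    [pscustomobject]@{
        Server      = $dc.Key
        IP          = $dc.Value
        ApexARecord = $apex -contains $dc.Value   # missing => re-create and find out why
        MsdcsSrv    = $srv  -contains $dc.Key     # -contains is case-insensitive
        Smb445      = $smbUp
    }
}
$report | Format-Table -AutoSize

# 4. Apex A records that point at something other than a known DC (stale or unexpected).
$apex | Where-Object { @($ExpectedDCs.Values) -notcontains $_ } | ForEach-Object {
    Write-Warning "Apex A record $_ does not match any expected domain controller"
}
```

Run it once with both servers up and once with ServerB shut down: the DNS columns should stay True for both servers in both runs, and only Smb445 for ServerB should change.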
