Windows clients aren’t detecting new Domain Controller for logins

domain-controller, windows-server-2008

I just set up a new Windows Server 2008 R2 domain controller in our environment to add additional redundancy.

DNS seems to work on the new server. However, when I shut down the previously existing DC and try to log in with a client within the same subnet as the DC, it will not log in.

Is there something I need to activate on the new DC to make this work?

Thanks in advance.

Best Answer

No there's nothing you need to activate for it to work. Let's break down where the problems will most likely be.

DNS

The first rule of Active Directory is that if you have a problem, it's always DNS. You said that the DNS role is already installed on your new DC. Good. Now you need to verify that your clients are actually using it as a secondary DNS server. Log into a client that's problematic and run ipconfig /all and look at the listed DNS servers. If your new DC isn't listed alongside the first one, then that's your problem. Generally, you configure the DHCP server to hand this out (Your DHCP service wasn't on the DC that you shut down, right?!).

If you did add this to the DHCP options for your DHCP server, then you'll need to make sure you've waited long enough for the clients to process this change. They only update their leases halfway through the lease period. If you've got the default 8-day leases, you won't see clients starting to use both DNS servers with regularity until 4 days in. You can use ipconfig /release followed by ipconfig /renew to force a client to update their lease info and pull down the new DNS servers.

DHCP

A lot of people run their DHCP servers on one of their DCs. I personally don't like doing this, but in a small environment it is fine. If your first DC is the one with the DHCP Server role and you shut it down, things won't get new addresses. Depending on how you're testing this, it could be causing your problems. No IP connectivity == no login.

Failed Promotion

This is rare, but sometimes a DC fails during promotion. Check your event logs, specifically the Directory Services logs for anything ominous.
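The checks in the answer above (which DNS servers the client really has, whether DHCP is still handing out leases, whether each DNS server actually advertises the new DC, and whether the Directory Service log shows a bad promotion) collected into one script. This is an added example, not code from the original post. It assumes PowerShell 3.0 or later on the client (for Get-DnsClientServerAddress and Resolve-DnsName); nltest.exe, WMI and Get-WinEvent are available on older systems too. The parameter names $Domain and $NewDcHostName are this script's own.

```powershell
# Added diagnostic script, not from the original post.
# Assumes PowerShell 3.0+ (Get-DnsClientServerAddress, Resolve-DnsName).
# $Domain defaults to the AD domain of the logged-on user.
param(
    [string]$Domain = $env:USERDNSDOMAIN,
    [string]$NewDcHostName = ''   # optional: host name of the new DC to look for
)

Write-Host "== 1. DNS servers the client is actually using (same data as 'ipconfig /all') =="
$dnsClients = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses.Count -gt 0 }
$dnsClients | Format-Table InterfaceAlias, ServerAddresses -AutoSize

Write-Host "== 2. DHCP lease details (was the DHCP role on the DC you shut down?) =="
Get-WmiObject Win32_NetworkAdapterConfiguration `
    -Filter "DHCPEnabled = TRUE AND IPEnabled = TRUE" |
    Select-Object Description, IPAddress, DHCPServer, DNSServerSearchOrder,
        @{ n = 'LeaseObtained'; e = { $_.ConvertToDateTime($_.DHCPLeaseObtained) } },
        @{ n = 'LeaseExpires';  e = { $_.ConvertToDateTime($_.DHCPLeaseExpires) } } |
    Format-List

Write-Host "== 3. Which DCs each DNS server advertises (_ldap._tcp.dc._msdcs.$Domain SRV) =="
$allServers = $dnsClients | ForEach-Object { $_.ServerAddresses } | Sort-Object -Unique
foreach ($srv in $allServers) {
    try {
        # Ask this specific server, bypassing the client's resolver cache.
        $records = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV `
                       -Server $srv -ErrorAction Stop |
                   Where-Object { $_.Type -eq 'SRV' }
        $dcs = $records | ForEach-Object { $_.NameTarget } | Sort-Object -Unique
        Write-Host ("  {0} answers; DCs advertised: {1}" -f $srv, ($dcs -join ', '))

        if ($NewDcHostName) {
            $hit = @($dcs | Where-Object { $_ -like "$NewDcHostName*" })
            if ($hit.Count -eq 0) {
                Write-Warning ("  {0} does NOT advertise {1}: the new DC's SRV records are missing there" -f $srv, $NewDcHostName)
            }
        }
    } catch {
        # A dead server here is exactly the failure mode in the question: a client whose
        # only DNS server is the DC that was shut down cannot locate any DC at all.
        Write-Warning ("  {0} did not answer the SRV query: {1}" -f $srv, $_.Exception.Message)
    }
}

Write-Host "== 4. Which DC the locator picks right now (/force discards the cached DC) =="
nltest /dsgetdc:$Domain /force

# Meaningful only when run on the new DC itself: error/critical events in the
# Directory Service log point at a promotion that did not complete cleanly.
Write-Host "== 5. Directory Service log errors on this machine (run on the DC) =="
if (Get-WinEvent -ListLog 'Directory Service' -ErrorAction SilentlyContinue) {
    Get-WinEvent -FilterHashtable @{ LogName = 'Directory Service'; Level = 1, 2 } `
        -MaxEvents 20 -ErrorAction SilentlyContinue |
        Format-Table TimeCreated, Id, Message -AutoSize -Wrap
}
```

Save it as, for example, Test-DcLocator.ps1 and run it on an affected client while the old DC is still up: `.\Test-DcLocator.ps1 -NewDcHostName DC02`. If section 1 lists only the old DC, the client was never told about the new one (DHCP options or lease age, as the answer explains); if section 3 shows a server that answers but does not advertise the new DC, the new DC's SRV records never registered, which is worth checking before looking at the promotion itself. Run it again on the new DC for section 5.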