I Need An Answer

Was asked the below question and wanted to know what the answer would be from people on here:

A windows 2000 server domain controller goes down. How would you remote (say from home) into the network/active directory and fix the domain controller and how would you go about investigating what effect its had on the rest of the global network (if any)?


Oh and need a fairly quick answer on this please to compare with i've written down! Cheers for any replies

BlkKnight

Assuming you don't have a backup *SORRY SECONDARY* domain controller, then you are pretty much knackered. A single domain controller controlls everything. . . . security, logons, (usually) DNS. If this fails your (windows) network is effectivly down.

If you have a secondary controller (which is replicating properly) things should "carry on as normal" once you have transfered accross the FISMO roles.

Back to the single domain controller situation. . . the only way you are going to be able to get onto the box remotely is via a third party application like VNC, PCanywhere, Dameware etc etc

But usually the machine is in such a state they most likely won't work anyway.

Moral is:

Have 2 or more domain controllers.

I Need An Answer

Cheers, yep be a lot more than one controller. Basically my answer was remoting in via vpn, use mmc and add services in the mmc such as active directory services to try to connect to the domain controller. Then do the same to connect to other domain controllers. Search for objects such as users/groups etc and make sure they are still available. If can remote onto the down domain controller with say for example dameware, bounce it and then check the services and the state of the controller once it comes back up and connect to it via the AD.

That sound about right or catastophically wrong lol?

BlkKnight

VPN > Terminal services

Much easier if you only have 2 or 3 boxes

I Need An Answer

Cheers, overlooked terminal server as an answer!

Basically whats happening is I have been put forward for an infrastructure job after being in desktop support for the last 5 years. Apparently its looking good (although not definate yet) that I will get it even though they know I have some huge gaping gaps and lack of experience in certain areas - namely infrastructure! I have been asked to come in and meet the team but I know I will be asked some more questions and just want to try and read up as much as possible on AD and general infrastructure situations, issues and setups.

They were put off by over experienced people and decided that although I have a lack of knowledge I have a severe desire to learn and be in infrastructure so am a better option than someone who will know it all and move on sooner. I still want to learn as much as possible though before I start if I get the job as I am going to be thrown in at the deep end and that means ******* things up as you learn which I want to avoid as much as possible!

Any good on-line resources apart from Microsofts site? I've already built a 2003 server and setup ad at home but hardly the same as a corporate environment lol. Also need to look at Veritas backup, have some experience with Arcserve but will need to know Veritas.

There are 3 others at the place who know everything there is to know about the job and the procedures so will be able to learn from them but still don't want to go in looking a total novice with servers

Basically want to learn as much about the folowing as possible:

Windows 2000 Server
Terminal Server
Active Directory
Veritas Backup
Cluster Server
IIS

Oh and it includes desktop support and 1st line support on the phone and even changing light bulbs if need be (I can manage that bit easy ) so plenty of work included that I can do so not totally out of my depth

GaryScoobNCBR

to be honest, the things your trying to learn are hard taught from a book, you either need to be shown or go on a proper course imho

David_Wallis

one other option is that if it would boot then it would pretty easy to fix (relatively speaking) depending on what the Hardware is (IE HP) ask if they purchased the ILO advanced pack.. I would then connect to it via that and fix it using the appropriate tools..

PS.. If this was a test for a job at our place.. I wouldnt allow you to touch any of our domain controllers!


David

BlkKnight

if you have space, try and get hold of a few PIII machines and play.

You'll soon discover how to break things.

If your doing it home - set them up so you are actually using them - IIS and IAS for www access. . . . datastorage for MP3's . .. . Domain controller for DHCP, DNS & Wins

That'll give you motivation to "un-****" things when you break it. If they are holding your data, you'll be less willing to wipe em and start again!

DogusB

As already said the best way to learn things in my opinion is to build and break them, if you have a good machine indoors/work try and get hold of a copy of VMware (GSX Server), then you can host mulitple guest OS's. For example I have VMware running at work with 2 windows 2003 DCs, Exchange 2003, a Terminal Server, File Server, XP Clents blah blah all in there own domain and then can mess around with it all.

just jump in and your pickup shed loads in the first few weeks and your confidence will grow!

I Need An Answer

Cheers guys, I agree wholeheartedly with the experience thing over books etc. Have set one machine up as a 2003 server, will set some more up as 2000 servers and play. Its corporate experience I need though, not home messing about

David please can you explain what it was in my answer that was so wrong? I need to learn from other people so critisism is fine and I have no issue with what you've said but would help me more if you can tell me what bit was wrong and whats the right answer I am not going into this job being expected to know what to do as they know i'm from 2nd line with 3rd line admin but to learn quickly on the job from the other guys. I'd like a bit of a head start though!