mikeplokta-
Thanks for the question. It appears that many people are similarly
confused by this, as I found a lot of conflicting information.
However, a BDC will _not_ automatically promote itself to PDC- any
promotion must be performed manually. What is confounding about this
issue is that since Microsoft doesn't document everything that
_doesn't_ happen, there aren't any concrete references to this in
official documentation. However, every mention of BDC->PDC promotion
in Microsoft's documentation explicitly mentions the manual promotion
of the BDC. Additionally, I am relying on personl experience and
empirical evidence offered by trusted associates as well as the
Internet community at large.
When a PDC fails any BDCs that exist on a network will still handle
authentication records and provide NetBIOS names. However BDCs hold a
read-only copy of the domain SAM and thus, changes such as adding a
user or a user changing a password are impossible. If it is known that
a PDC will be unavailable for more than a few minutes, a PDC should be
manually promoted (this is done in the Server Manager application).
There are numerous USENET and mailing list theads on this topic. Some
of the highlights:
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=utf-8&threadm=ODGnrunA9GA.197%40uppssnewspub05.moswest.msn.net&rnum=14&prev=/groups%3Fq%3DPDC%2Bautomatic%2Bpromotion%2BNT%26start%3D10%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3Dutf-8%26scoring%3Dd%26selm%3DODGnrunA9GA.197%2540uppssnewspub05.moswest.msn.net%26rnum%3D14
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=utf-8&threadm=01bc07de%24080af040%24a97e2399%40barryhome&rnum=8&prev=/groups%3Fq%3DBDC%2Bautomatic%2Bpromotion%2Bwindows%2BNT%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3Dutf-8%26scoring%3Dd%26selm%3D01bc07de%2524080af040%2524a97e2399%2540barryhome%26rnum%3D8
Once a BDC has been promoted to PDC (we'll call the promoted BDC
PDC_2, and the original PDC PDC_1), a new issue arises- how to bring
PDC1 back into the mix. Since a domain is only allowed one PDC, there
is a conflict. However, you cannot just demote PDC_2 back to a BDC,
since any changes made to the SAM while the PDC_1 was offline will be
lost. Thus, it is best to demote PDC_1 to a BDC, have it synch with
PDC_2, then demote PDC_2 back to its original role as a BDC and
promote PDC_1 to its original role as PDC. There is a Knowledge Base
article that discusses this process:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q112549&
I also discovered a useful Microsoft TechNet article that details the
sundry registry keys that control how PDC/BDC communication works. You
can find it at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/winntas/maintain/ntopt4.asp
Hopefully this helps you out. Please let me know if there is anything
that needs clarification.
Search strategy:
www.google.com
--------------
BDC "automatic promotion" windows NT
groups.google.com (this was the most useful source)
-----------------
PDC "automatic promotion" NT
BDC "automatic promotion" NT
search.microsoft.com
--------------------
BDC automatic promotion |
,
0 Comments
)