IkhsanAli-1590 asked (DSPatrick commented):

Backup Domain Controller at Cloud failed to function

Hi All.

I have 2 VMs in my local network, which serve as PDC and BDC. Also, I have installed and set up a BDC (using the same OS, Windows Server 2016) on a VM in the cloud (AWS), which serves as Disaster Recovery. I use an IPSEC VPN from my local network to AWS. Both servers function properly and I can see the replication on all servers.

Now, I would like to test the DR scenario. I turned OFF all servers in my local network. I am assuming the BDC in the cloud will function properly, but it does not. I can open DNS Manager and it shows my domain, but when I try to open Active Directory Sites and Services and Active Directory Users and Computers, it fails with the message:

"Naming Information cannot be located because:
The specified domain either does not exist or could not be contacted".

Just additional notes:

  1. The BDC in the cloud can access the internet and can access my local network (with both local DCs turned off).

  2. When I ping my domain, it goes to the BDC in my local.

  3. When I nslookup my domain (from my BDC in the cloud), it shows all three DCs, and default address: localhost

  4. If I turn ON the BDC in my local network, then the BDC in the cloud functions properly. Also, the BDC in my local network is functioning properly. But this is not the scenario that I want.


Any idea how to solve this?

Thank you in advance.

Tags: windows-active-directory, windows-server-2016
DSPatrick answered:

Please run;

Dcdiag /v /c /d /e /s:%computername% >C:\dcdiag.log
repadmin /showrepl >C:\repl.txt
ipconfig /all > C:\dc1.txt
ipconfig /all > C:\dc2.txt
ipconfig /all > C:\dc3.txt

then put unzipped text files up on OneDrive and share a link.




Hi @DSPatrick

Thanks for your answer.

Sorry, this might be a stupid question. But where should I run the commands? On the PDC (my local DC) or on my cloud DC?

Thanks in advance!


Each domain controller.



Just checking if there's any progress or updates?

--please don't forget to upvote and Accept as answer if the reply is helpful--




Hi @DSPatrick

I just consulted my Manager and he said it's not allowed to send the information, since it would expose some sensitive information.

Could you please advise me what kind of checking/configuration needs to be done with those files?

Thank you in advance,

barzinhosseini answered (IkhsanAli-1590 commented):

Hello.

When your local DCs go down, site coverage must run and your cloud DC must take responsibility for the local site. I would say it is a DNS issue. Please check these possible issues in the DNS server:

The NS server IP and FQDN in your DNS server.
Check the CNAME and its GUID for each server.
Try to create a conditional forwarder in the local DC with forest scope for the cloud (after that, force replication).

Additional causes:

The date and time on both local and cloud servers.

Firewall rules. More information about ports:
service-overview-and-network-port-requirements
data-flow


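A read-only PowerShell check, added here as an example and not code from either answer, that runs on the cloud DC while the on-prem DCs are off and collects what DSPatrick's dcdiag/ipconfig request and barzinhosseini's DNS and site-coverage points are looking for: the NIC's DNS servers, the forest-wide and site-specific DC-locator SRV records, what the locator actually returns, LDAP reachability per DC, and the time source. The function name Test-CloudDcLocator and querying this DC's own DNS service over loopback are this example's own assumptions.

```powershell
# Added diagnostic (not from the thread). Run on the cloud DC while the on-prem DCs are
# off. Test-CloudDcLocator is this example's own name; every check only reads state.
function Test-CloudDcLocator {
    $domain = $env:USERDNSDOMAIN.ToLower()          # assumption: run as a domain account
    $self   = "$env:COMPUTERNAME.$domain".ToLower()
    $r      = [ordered]@{}

    # 1. DNS client: a DC must list itself (or a reachable DC) as a DNS server, not only
    #    the on-prem DCs and not the cloud provider's resolver first.
    $localIps   = (Get-NetIPAddress -AddressFamily IPv4).IPAddress
    $dnsServers = (Get-DnsClientServerAddress -AddressFamily IPv4 |
                   Where-Object ServerAddresses).ServerAddresses | Select-Object -Unique
    $r['NicDnsServers']   = $dnsServers -join ', '
    $r['SelfListedAsDns'] = [bool]($dnsServers | Where-Object { $_ -eq '127.0.0.1' -or $_ -in $localIps })

    # 2. Forest-wide DC locator record, asked of this DC's own DNS service (loopback).
    #    If this DC is absent, AD tools on this box can only ever find the on-prem DCs.
    $srv = Resolve-DnsName "_ldap._tcp.dc._msdcs.$domain" -Type SRV -Server 127.0.0.1 -ErrorAction SilentlyContinue |
           Where-Object QueryType -eq 'SRV'
    $r['SrvDcTargets'] = $srv.NameTarget -join ', '
    $r['SelfInSrv']    = [bool]($srv | Where-Object { $_.NameTarget -ieq $self })

    # 3. Site coverage: the site this DC is in, and the site-specific SRV record for it.
    $site    = ([string](nltest /dsgetsite 2>$null | Select-Object -First 1)).Trim()
    $siteSrv = Resolve-DnsName "_ldap._tcp.$site._sites.dc._msdcs.$domain" -Type SRV -Server 127.0.0.1 -ErrorAction SilentlyContinue |
               Where-Object QueryType -eq 'SRV'
    $r['Site']           = $site
    $r['SiteSrvTargets'] = $siteSrv.NameTarget -join ', '

    # 4. What the DC locator returns right now; this is what the AD consoles rely on.
    $r['LocatorResult'] = (nltest "/dsgetdc:$domain" /force 2>&1 | Select-String 'DC:|Error') -join ' '

    # 5. LDAP reachability per DC named in DNS: off DCs should fail, this DC must pass.
    foreach ($dc in $srv.NameTarget) {
        $r["Ldap389_$dc"] = (Test-NetConnection $dc -Port 389 -WarningAction SilentlyContinue).TcpTestSucceeded
    }

    # 6. Time source: Kerberos fails above 5 minutes of skew, and a source that is now
    #    unreachable (an on-prem DC) lets the clock drift silently during the test.
    $r['TimeSource'] = (w32tm /query /source 2>&1) -join ' '
    return $r
}

Test-CloudDcLocator | Format-Table -AutoSize
```

If SelfListedAsDns or SelfInSrv comes back False, that alone explains the "could not be contacted" error once the on-prem DCs are off, and the output can be shared without exposing the full dcdiag and ipconfig dumps.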

Hi @barzinhosseini .

Thanks for your answer. Do you mean DNS in the cloud? Because if I don't turn off the DCs in the local network, the DNS is working just fine.

Anyway, I've checked some of your points :

  1. NS Server IP: if I nslookup my domain (when all DCs in the local network are ON or OFF), it shows all three of them (2 local DCs and 1 cloud DC). FQDN is my domain.

  2. The CNAME has all the FQDNs of my DCs (both in cloud and local). For the GUID, could you please advise which one I should check?

  3. Additional forwarders => I tried to create it on my PDC, but it said the zone already exists.

  4. Date and time are the same on both local and cloud DCs.

  5. I am quite confident that the firewall has been set up properly too (both in the local network and in the cloud). But I will double-check again just in case.

Appreciate your answer.


