I have a primary DC (win 2k19) managing a network and decided to add a 2nd DC in case of any failure for the PDC. The 2nd DC is also win 2k19, setup went OK and it seems that replication was OK as well, time is synced between both. Windows firewall on DC2 is disabled.
When I shut down the PDC and tried to check that secondary DC will act and respond, it did not work, doing nslookup from client, it does not work.
When I fire Azure Users and Computers, I see that everything was transfered from DC1 to DC2
When Issuing the following command when DC1 is up and running
.\nltest /dclist:salam.net
I get
Get list of DCs in domain 'salam.net' from '\SALAMMAIN.salam.net'.
SALAMMAIN.salam.net [PDC] [DS] Site: Default-First-Site-Name
DC2.salam.net [DS] Site: Default-First-Site-Name
The command completed successfully
Running
ping salam.net
on both machines DCs gives same result, it responds with the DC2 IPv4.
DNS roles installed on both DCs
I have set the IP address of DC1 and 127.0.0.1 for Preferred DNS on DC1.
I have set the IP address of DC1 and 127.0.0.1 for Preferred DNS on DC2
issuing nslookup salamn.net
I get
Server: dc1.salam.net
Address: 192.168.1.13
*** dc1.salam.net can't find salamn.net: Non-existent domain
I really dont understand the 3rd statement when it has already found dc1 and its IP
When I run
repadmin /syncall /AdeP on both DCs, I get
SyncAll terminated with no errors.
but running on DC2 (the new DC)
dcdiag /test:replications
I get
DsReplicaGetInfo() failed with status 8453 (0x2105) Replication access was denied.
As I said, when I disconnect Dc1 from network no authentication happens with DC2 and need to bring back DC1 in the network
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 19%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESE%3C/text%3E%3C/svg%3E)
