Hi, I'm a JR Sys admin and am still learning about Servers and AD.
At work, we have a single domain across 2 sites (each site has a dozen computers or so running XP Pro). The 2 sites are connected via a PTP.
Our domain is running in Windows 2000 mixed functional level, and our forest is running Windows 2000 functional level. All our servers and DCs are Server 2003 R2.
I'm planning to raise the domain functional level to 2003.
At Site A, the PDC and a BDC are located here, along with the Exchange server (2003).
At Site B, there is another BDC (virtualized).
All the DCs have the server roles DNS, DHCP, and WINS server.
In case the PTP connection ever goes down, I want to make sure Site B (the side with no PDC) will still be able to function (log in to the domain etc.). They will use webmail since they can't access Site A (where Exchange is located).
Currently the PDC at Site A holds all the FSMO roles. My main question is: what is the best way to make sure Site B can still log in to the domain without any visible problems to the users? Let's say the PTP is down for a few days to a week.
Through my research and limited understanding, my options are:
1. If the PTP goes down, then Site A and B can't talk to each other. Site A will be fine since the PDC is there.
On Site B, we can promote the BDC to PDC and seize the FSMO roles. Once the PTP is restored, we remove the BDC and replace it with the original BDC VM.
2. Do nothing really. I read that it is okay if no FSMO roles exist on Site B for a short while. Just minimize any changes (password resets etc.) and once the link is restored everything will sync up.
3. ??
I know that a DC shouldn't be down more than 60 days (Tombstone) but it shouldn't get to that point. Are there any other concerns I need to worry about?
Thanks in advance. I work in a small company and am still learning (taking classes and learning on the job) etc.