I'm dealing with some frustrating issues in my network where Active Directory (AD) seems to be pointing to the secondary domain controller, which is causing intermittent connection problems. I'm running into issues logging into a SQL server and having trouble with RDP on a workstation. Another workstation consistently logs a trust relationship failure when trying to log in. These issues seem to have popped up after the setup ran smoothly for over six months. Sometimes rebooting the domain controllers clears up the problem temporarily, but the controllers are hosted on Hyper-V, and neither of the hosts has any AD roles. Should they?
3 Answers
First off, have you checked your DNS settings? Misconfigured DNS can lead to a lot of the connectivity issues you're describing. You mentioned that all computers are pointing to the main AD controller—maybe try adding both controllers into the DNS settings to see if that helps. Intermittent issues can often trace back to DNS misconfigurations.
Yeah, your problems seem to hint at DNS complications. Remember, the PDC emulator is only on one DC, and it usually holds the Global Catalog. If you haven't already, delve into the Knowledge Consistency Checker and ensure your Active Directory layout is smooth. What exact issues are you facing with the RDP and SQL server access?
It sounds like you're experiencing DNS issues in your setup. Just a heads up, in modern AD, 'secondary DC' isn't really a concept; both domain controllers are equal. If one is having issues, it should be noted, but your systems should still function normally regardless of which DC they're reaching out to. I'd suggest looking into the Knowledge Consistency Checker—ensuring your Sites and Services are set up correctly can often solve these kinds of problems.

What exactly might be wrong with the DNS, though? I tried both AD controllers without any improvement.
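The DNS, secure-channel and KCC checks the answers above point to, collected as an added example that is not part of any post in this thread. The domain name `corp.example.com` is a placeholder assumption; sections 1 to 3 run in an elevated PowerShell on an affected domain member, section 4 on a domain controller.

```powershell
# Added example: read-only checks only, nothing here changes configuration.
$Domain = 'corp.example.com'   # placeholder (assumption): your AD DNS domain name

# 1. DNS servers this machine actually uses. Every entry should be a DC that
#    hosts the AD zone; a router or public resolver mixed into the list means
#    some lookups for the domain fail, which shows up as intermittent errors.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object ServerAddresses |
    Select-Object InterfaceAlias, ServerAddresses

# 2. Ask each configured DNS server for the DC locator SRV record.
#    Both DCs should appear in the answer from every server.
$srv     = "_ldap._tcp.dc._msdcs.$Domain"
$servers = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses |
           Sort-Object -Unique
foreach ($s in $servers) {
    try {
        $r = Resolve-DnsName -Name $srv -Type SRV -Server $s -DnsOnly -ErrorAction Stop |
             Where-Object NameTarget
        [pscustomobject]@{ DnsServer = $s; DCs = ($r.NameTarget -join ', ') }
    } catch {
        [pscustomobject]@{ DnsServer = $s; DCs = "FAILED: $($_.Exception.Message)" }
    }
}

# 3. Which DC the locator picks for this machine, and whether the machine's
#    secure channel to the domain is intact (the "trust relationship" error
#    corresponds to this check returning False).
nltest "/dsgetdc:$Domain"
Test-ComputerSecureChannel -Verbose

# 4. On a domain controller: DNS registration health across all DCs,
#    replication status, and KCC errors logged recently.
dcdiag /test:dns /e /v
repadmin /replsummary
repadmin /showrepl
dcdiag /test:kccevent
```

A DNS server in step 2 that fails or returns only one DC, or replication failures in step 4, narrows the problem to a specific server rather than to "DNS" in general.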