AD servers could not be accessed via rdp and ping after windows up

Hi all,

I scheduled a down time to patch all my servers as well as AD servers. My AD
servers are spread across 3 sites(2 subsidiary and 1 HQ). The 2 subsidiary
sites are linked to my HQ using a 2Mbps MetroEthernet line. After patching, i
restart all my servers at the same time. After more than 30min i realise i
could not rdp and ping the various AD servers. All other non AD servers are
fine. My HQ AD server console shows a black screen but i could access the
share folders. I did a manual restart to the AD server and it works fine
subsequently. I went to my 2 subsidiary sites and realise that both servers
are booted up but could not ping and rdp. I need to restart both servers to
resolve the problem. Must i restart my AD servers in a sequential manner? Is
it true that i cannot restart all my AD servers at the same time? Pls advise.
Thks in advance.

Hello inenewbl,

That they don't react for remote desktop connection even if started, i can't
realize at the moment, any errors in the event viewer?

For the boot sequence it is important in a domain, that at least one DNS
server for the domain is avalaible, that can be used from the DCs to start,
as the boot time will be really long if they use it's own DNS server.

The DC needs DNS to start the netlogon service, so if it only use itself
as DNS server and the DNS server service isn't that fast with starting.

Also applications like exchange must have a DC available to use it's Global
catalog.

I suggest to re/boot always in that order that one DC/DNS is always available,
so each machine can reach a DNS/DC all the time. If you have to complete
shutdown the domain, then make sure to wait until the DC/DNS servers are
up and running and then go on with the other servers.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hi all,
>
> I scheduled a down time to patch all my servers as well as AD servers.
> My AD servers are spread across 3 sites(2 subsidiary and 1 HQ). The 2
> subsidiary sites are linked to my HQ using a 2Mbps MetroEthernet line.
> After patching, i restart all my servers at the same time. After more
> than 30min i realise i could not rdp and ping the various AD servers.
> All other non AD servers are fine. My HQ AD server console shows a
> black screen but i could access the share folders. I did a manual
> restart to the AD server and it works fine subsequently. I went to my
> 2 subsidiary sites and realise that both servers are booted up but
> could not ping and rdp. I need to restart both servers to resolve the
> problem. Must i restart my AD servers in a sequential manner? Is it
> true that i cannot restart all my AD servers at the same time? Pls
> advise. Thks in advance.
>

Hi Weber,

Thk you for your prompt response. How about those MS AD domains where there
is only 1 DC and the only dns is also installed on that DC? Does that mean
the DC is at risk of a long bootup upon restart? Thk you!!

"Meinolf Weber [MVP-DS]" wrote:

> Hello inenewbl,
>
> That they don't react for remote desktop connection even if started, i can't
> realize at the moment, any errors in the event viewer?
>
> For the boot sequence it is important in a domain, that at least one DNS
> server for the domain is avalaible, that can be used from the DCs to start,
> as the boot time will be really long if they use it's own DNS server.
>
> The DC needs DNS to start the netlogon service, so if it only use itself
> as DNS server and the DNS server service isn't that fast with starting.
>
> Also applications like exchange must have a DC available to use it's Global
> catalog.
>
> I suggest to re/boot always in that order that one DC/DNS is always available,
> so each machine can reach a DNS/DC all the time. If you have to complete
> shutdown the domain, then make sure to wait until the DC/DNS servers are
> up and running and then go on with the other servers.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>
> > Hi all,
> >
> > I scheduled a down time to patch all my servers as well as AD servers.
> > My AD servers are spread across 3 sites(2 subsidiary and 1 HQ). The 2
> > subsidiary sites are linked to my HQ using a 2Mbps MetroEthernet line.
> > After patching, i restart all my servers at the same time. After more
> > than 30min i realise i could not rdp and ping the various AD servers.
> > All other non AD servers are fine. My HQ AD server console shows a
> > black screen but i could access the share folders. I did a manual
> > restart to the AD server and it works fine subsequently. I went to my
> > 2 subsidiary sites and realise that both servers are booted up but
> > could not ping and rdp. I need to restart both servers to resolve the
> > problem. Must i restart my AD servers in a sequential manner? Is it
> > true that i cannot restart all my AD servers at the same time? Pls
> > advise. Thks in advance.
> >
>
>
> .
>

Hello inenewbl,

Yes, with one DC/DNS only the boot time will be longer. Unfortunal this isn't
to change, excpt having a second DNS up and running.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hi Weber,
>
> Thk you for your prompt response. How about those MS AD domains where
> there is only 1 DC and the only dns is also installed on that DC? Does
> that mean the DC is at risk of a long bootup upon restart? Thk you!!
>
> "Meinolf Weber [MVP-DS]" wrote:
>
>> Hello inenewbl,
>>
>> That they don't react for remote desktop connection even if started,
>> i can't realize at the moment, any errors in the event viewer?
>>
>> For the boot sequence it is important in a domain, that at least one
>> DNS server for the domain is avalaible, that can be used from the DCs
>> to start, as the boot time will be really long if they use it's own
>> DNS server.
>>
>> The DC needs DNS to start the netlogon service, so if it only use
>> itself as DNS server and the DNS server service isn't that fast with
>> starting.
>>
>> Also applications like exchange must have a DC available to use it's
>> Global catalog.
>>
>> I suggest to re/boot always in that order that one DC/DNS is always
>> available, so each machine can reach a DNS/DC all the time. If you
>> have to complete shutdown the domain, then make sure to wait until
>> the DC/DNS servers are up and running and then go on with the other
>> servers.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>> Hi all,
>>>
>>> I scheduled a down time to patch all my servers as well as AD
>>> servers. My AD servers are spread across 3 sites(2 subsidiary and 1
>>> HQ). The 2 subsidiary sites are linked to my HQ using a 2Mbps
>>> MetroEthernet line. After patching, i restart all my servers at the
>>> same time. After more than 30min i realise i could not rdp and ping
>>> the various AD servers. All other non AD servers are fine. My HQ AD
>>> server console shows a black screen but i could access the share
>>> folders. I did a manual restart to the AD server and it works fine
>>> subsequently. I went to my 2 subsidiary sites and realise that both
>>> servers are booted up but could not ping and rdp. I need to restart
>>> both servers to resolve the problem. Must i restart my AD servers in
>>> a sequential manner? Is it true that i cannot restart all my AD
>>> servers at the same time? Pls advise. Thks in advance.
>>>
>> .
>>