https://community.hpe.com/t5/networking/login-server-redunndancy/m-p/3858343#M1528 With respect of the message:<BR /><BR />IP Security test . . . . . . . . . : Passed<BR />IPSec policy service is active, but no policy is assigned.<BR /><BR />That does not matters. It only warns that ipsec is not used. IPSec normally is not required for local communications because it add overhead. Tue, 10 Oct 2006 14:15:49 GMT Ivan Ferreira 2006-10-10T14:15:49Z https://community.hpe.com/t5/networking/login-server-redunndancy/m-p/3858341#M1526 Recently I trying to setup a second dc and dns<BR />on the same system.<BR /><BR />seem it is working where the primary dc is alive.<BR />dcdiag and netdiag all produce good result.<BR />Only one statement found on netdiag.<BR /><BR />IP Security test . . . . . . . . . : Passed<BR /> IPSec policy service is active, but no policy is assigned.<BR /><BR />Does this matter ?<BR /><BR />The problem is when I shutdown the primary dc,<BR />seem that secondary dc could not take over.<BR />Using one of the server within the domain and<BR />perform the following:<BR />sqlplus /nolog<BR />connect /as sysdba<BR />"ORA-01031: insufficient privileges"<BR /><BR />Over at the event log, I found this<BR />Event Type: Error<BR />Event Source: NETLOGON<BR />Event Category: None<BR />Event ID: 5719<BR />Date: 9/6/2006<BR />Time: 5:13:52 PM<BR />User: N/A<BR />Computer: AMKNT809<BR />Description:<BR />No Windows NT or Windows 2000 Domain Controller is available for domain AMKPAY. The following error occurred:<BR />There are currently no logon servers available to service the logon request. <BR />Data:<BR />0000: 5e 00 00 c0 <BR /><BR />But when restart the primary dc, everything goes fine.<BR /><BR />Need some helps please.<BR />Thanks in advance.<BR />Regards,<BR />Clarence<BR /><BR /> <BR /><BR /><BR /><BR /><BR /><BR /><BR /><BR /> Thu, 07 Sep 2006 06:10:12 GMT https://community.hpe.com/t5/networking/login-server-redunndancy/m-p/3858341#M1526 Clarence Lee 2006-09-07T06:10:12Z https://community.hpe.com/t5/networking/login-server-redunndancy/m-p/3858342#M1527 Hi Clarence,<BR /><BR />Are your clients configured with the secondary DNS server address as well?<BR /><BR />Whenever i have experienced that error in the past it is usually down to DNS playing up.<BR /><BR />Are you using Active Driectory Zones?<BR /><BR />If you go to the DNS console, can you see both DNS/DC's in the Forward Lookup Zone-DOMAIN-sites-DOMAIN-tcp folder?<BR /><BR />This holds SRV records that are used to locate services such as LDAP and Kerberos which are needed for logon.<BR /><BR />It seems to be that your clients just don;t know about the second DC.<BR /><BR /> Tue, 10 Oct 2006 04:00:55 GMT https://community.hpe.com/t5/networking/login-server-redunndancy/m-p/3858342#M1527 Jonathan Axford 2006-10-10T04:00:55Z https://community.hpe.com/t5/networking/login-server-redunndancy/m-p/3858343#M1528 With respect of the message:<BR /><BR />IP Security test . . . . . . . . . : Passed<BR />IPSec policy service is active, but no policy is assigned.<BR /><BR />That does not matters. It only warns that ipsec is not used. IPSec normally is not required for local communications because it add overhead. Tue, 10 Oct 2006 14:15:49 GMT https://community.hpe.com/t5/networking/login-server-redunndancy/m-p/3858343#M1528 Ivan Ferreira 2006-10-10T14:15:49Z