how to know which active directory is primary and secondary?

AshKetchum

Hi,

I'm seeing 2 win2012 active directory servers in the network. how to know which is activated as primary and secondary?

coliver

There is no primary or secondary anymore for AD.

coliver

If you're looking at who holds the FSMO roles you can use this powershell command.

Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator

DustinB3403

To determine which DC you're logged into you can use this from an administrative command prompt

echo %LOGONSERVER%

scottalanmiller

There is no primary or secondary with DCs. That's a SAM concept from NT 4 and earlier that died with the move to AD. AD DCs are multi-master and one is not active nor primary. They are all equal.

scottalanmiller

You may be thinking of FSMO roles. That's not like being primary and there are half a dozen of them that can be spread out to one, two or more DCs. So even there, no primary concept.

scottalanmiller

@coliver said in how to know which active directory is primary and secondary?:

There is no primary or secondary anymore for AD.

Ever. AD didn't have them from day one. It's not something that changed.

AshKetchum

ah i see, I'm reviewing user access using remote server manager and i noticed the server I'm connected to see the group policy changes. I expect i should only be connected to the server i was connected before but its not the case. Some session, I'm connected to the server we named backup or 2nd AD and on some sessions I'm on our 1st AD.

Now I'm going directly to the 1st AD when checking.

DustinB3403

Are you experiencing issues while you're connected to the second AD controller?

scottalanmiller

@AshKetchum said in how to know which active directory is primary and secondary?:

ah i see, I'm reviewing user access using remote server manager and i noticed the server I'm connected to see the group policy changes. I expect i should only be connected to the server i was connected before but its not the case. Some session, I'm connected to the server we named backup or 2nd AD and on some sessions I'm on our 1st AD.

Now I'm going directly to the 1st AD when checking.

Correct, within a single site it's kind of random. Technically it's round robin, so if you have only one device asking, it will flip back and forth each time. But because lots of devices ask and the round robin is centralized, it becomes essentially random for any individual device.

AshKetchum

Thank you very much Scott, that makes sense. I dont recall seeing this on CBT Nuggets or PluralSight. I guess you don't learn this things watching videos but from experience or more reading. Or I missed it, as i usually doing something else when watching CBT. lolz. Thank you very much again to All.

scottalanmiller

@AshKetchum said in how to know which active directory is primary and secondary?:

Thank you very much Scott, that makes sense. I dont recall seeing this on CBT Nuggets or PluralSight. I guess you don't learn this things watching videos but from experience or more reading. Or I missed it, as i usually doing something else when watching CBT. lolz. Thank you very much again to All.

MS covers it pretty solidly in their books. That's one of the best resources for MS info. The MSPress certification guides are excellent and very thorough. But doing labs hands on is still very important as well.

Shuey

@coliver said in how to know which active directory is primary and secondary?:

If you're looking at who holds the FSMO roles you can use this powershell command.

Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator

I don't get why people insist on only using PowerShell to query things that can be more quickly queried with something like this:

netdom query fsmo

Am I missing something?

Dashrender

@Shuey said in how to know which active directory is primary and secondary?:

@coliver said in how to know which active directory is primary and secondary?:

If you're looking at who holds the FSMO roles you can use this powershell command.

Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator

I don't get why people insist on only using PowerShell to query things that can be more quickly queried with something like this:

netdom query fsmo

Am I missing something?

It's a matter of what you are comfortable with. Some people live in powershell, so they do everything in powershell. When you're a bee, everything is a flower

scottalanmiller

@Dashrender said in how to know which active directory is primary and secondary?:

@Shuey said in how to know which active directory is primary and secondary?:

@coliver said in how to know which active directory is primary and secondary?:

If you're looking at who holds the FSMO roles you can use this powershell command.

Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator

I don't get why people insist on only using PowerShell to query things that can be more quickly queried with something like this:

netdom query fsmo

Am I missing something?

It's a matter of what you are comfortable with. Some people live in powershell, so they do everything in powershell. When you're a bee, everything is a flower

And PowerShell has good unified remoting stuff now, too.

coliver

@Shuey said in how to know which active directory is primary and secondary?:

@coliver said in how to know which active directory is primary and secondary?:

If you're looking at who holds the FSMO roles you can use this powershell command.

Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator

I don't get why people insist on only using PowerShell to query things that can be more quickly queried with something like this:

netdom query fsmo

Am I missing something?

Because Powershell is kind of where Windows management is moving. I get that it could be done another way but the future of Windows Server is powershell.