Domain replication woes.

CougTek

Hairy Aussie
Joined
Jan 21, 2002
Messages
8,726
Location
Québec, Québec
We'll be moving our servers to an external hosting site in the beginning of next year. We'll also keep a few systems in our office. We want to create two domains with two different IP segments, linked by VPN (one local, one remote). I'm trying to figure out what's the best way to do it.

For now, I do all my tests in VMware. I formed a team composed of the two servers. Let's assume the local domain uses 192.168.20.x IP segment and the remote domain uses 192.168.21.x.

I set up one Server 2008 R2 domain controller for each location. And I want to configure the Active Directory replication between the servers. Should I create a new forest on one of the servers and add a domain within an existing forest on the other one? I figure that's how to do it. But when I've tried, both servers weren't able to see each other.
 

Chewy509

Wotty wot wot.
Joined
Nov 8, 2006
Messages
3,327
Location
Gold Coast Hinterland, Australia
Did you want a forest setup, or a single flat domain setup...

Single flat domain setup is easy:
1. Create the first domain controller. (It will hold all the FSMO roles).
2. Build the second server and ensure it can reach the first server via the VPN. Join the second server to the domain (it's only a member server of the domain).
3. Promote the second server as a domain controller.
4. Check the link states and setups in the "Active Directory Sites And Services" tool. Confirm the sync times and latency values as well to ensure they match the interconnect used between the two domain controllers.
5. ???
6. Profit.

See http://technet.microsoft.com/en-us/library/bb726976.aspx for more information.

PS. The last time I did this was with Windows 2003 in a 5 site setup (flat domain setup), and it was relatively straightforward. It's when you want to start setting up a forest with interdomain trust that things get a little complicated. But that depends on the size of the business and the number of users at each site. (The one I set up was for a 200 person company, with 100 people at the main site, and 10-30 people at the "remote" sites - so fairly small).
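
Added example, not part of the thread or any poster's own script: a PowerShell check for steps 2 and 4 above, run on the second server, that tests whether the first DC is reachable across the VPN on the ports AD needs and then runs the built-in replication diagnostics. The DC address `192.168.20.10` and the domain name `corp.example` are assumed placeholders, and the `-AfterPromotion` switch is a name made up for this sketch.

```powershell
# Run on the second (remote-site) server. PowerShell 2.0 compatible (Server 2008 R2).
param([switch]$AfterPromotion)   # hypothetical switch: set once step 3 is done

$FirstDc = '192.168.20.10'       # assumed address in the local 192.168.20.x segment
$Domain  = 'corp.example'        # placeholder AD DNS domain name

# TCP services a prospective DC must reach on an existing DC.
# Replication also uses dynamic RPC ports (49152-65535 by default on 2008 and later).
$Ports = @{ 53 = 'DNS'; 88 = 'Kerberos'; 135 = 'RPC endpoint mapper'
            389 = 'LDAP'; 445 = 'SMB'; 3268 = 'Global Catalog' }

function Test-TcpPort([string]$Server, [int]$Port, [int]$TimeoutMs = 3000) {
    # Test-NetConnection does not exist on 2008 R2, so use TcpClient directly.
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($Server, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($async)
        return $true
    }
    catch { return $false }
    finally { $client.Close() }
}

$failed = @()
foreach ($p in ($Ports.Keys | Sort-Object)) {
    $ok = Test-TcpPort $FirstDc $p
    '{0,-5} {1,-20} {2}' -f $p, $Ports[$p], $(if ($ok) { 'open' } else { 'BLOCKED' })
    if (-not $ok) { $failed += $p }
}

# The second server must resolve the domain's SRV records through the first DC's DNS.
nslookup -type=SRV "_ldap._tcp.dc._msdcs.$Domain" $FirstDc
nltest "/dsgetdc:$Domain"

if ($failed.Count -gt 0) {
    Write-Warning "Open these ports over the VPN before promoting: $($failed -join ', ')"
    return
}

if ($AfterPromotion) {
    # Step 4: confirm replication works in both directions.
    repadmin /replsummary
    repadmin /showrepl
    dcdiag /test:replications
}
```

If the SRV lookup fails while the ports are open, the second server is usually pointing at the wrong DNS server rather than hitting a VPN problem.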
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
21,625
Location
I am omnipresent
If your namespace consists of a single domain, then make a single domain in AD. You can configure the DCs as belonging to different sites and screw around with replication settings if you need to.
 

Howell

Storage? I am Storage!
Joined
Feb 24, 2003
Messages
4,740
Location
Chattanooga, TN
If your namespace consists of a single domain, then make a single domain in AD. You can configure the DCs as belonging to different sites and screw around with replication settings if you need to.

This. You can even implement RODCs if it comes to it.
 