Re: Adding a second site

From: Alex Anderson (AAnderson_at_Murrieta.org)
Date: 04/29/04


Date: Thu, 29 Apr 2004 16:49:28 -0700

Cary,

    Here's my dilemma: I currently have a WAN connection between two sites,
we'll call them Site A and Site B. At Site A is where my DOMAIN sits.
Clients from Site B authenticate over the WAN link (because there is no
local DC) and what I'm trying to do is have Site B's authentication only
happen at Site B. When setting up Sites, I'm not sure if there will be a
new distinguished DOMAIN name at Site B. It seems when I add this new Site
B DC I'm just branching over my existing domain to that site and that's it,
no new domain names or anything of that nature are created. I was under the
assumption by adding a new site DC to Site B I would have
newDCname.existingdomain.com and my clients would authenticate to that DC
not the DC at Site A. I understand that replication traffic will occur
between Site A and B but client authentication would be just at Site B. I
hope this clears up some confusion on exactly what I want to accomplish.

Thank you
Alex Anderson

"Cary Shultz [A.D. MVP]" <cwshultz@mvps.org> wrote in message
news:ecz1wtjLEHA.3064@TK2MSFTNGP11.phx.gbl...
> Alex,
>
> I think that Herb is trying to tell you that you can do it that way. As
> with most Microsoft products, there are usually a couple of ways to do
> something.
>
> As to your question, so long as the computer accounts exist in the domain
> you do not need to worry about what shows up in the 'log on to...' box. The
> only thing that will show up is the domain of which the computer account is
> a member as well as any other domains which have a trust with that domain.
>
> I am not sure that I understand your question about joining the computers to
> another Site. Computer accounts do not join Sites, they join domains. The
> only thing that shows up in the 'log on to...' box is domains ( as explained
> in the previous paragraph ).
>
> Your clients should not experience any downtime. It should be pretty
> seamless. You might want to have them reboot the next morning so that they
> for sure have the correct IP Address lease and information. As Herb stated,
> they should authenticate against the 'local' DC. However, as he stated it
> is technically possible that they could authenticate against any DC in the
> domain. If the 'local' DC is not available then they will look for any
> other DC in that Site and then any other available DCs in the Domain.
>
> Here are two links that describe how clients ( WIN2000 and WIN XP ) locate
> Domain Controllers:
>
> http://support.microsoft.com/?id=247811
> http://support.microsoft.com/?id=314861
>
> This should show you how important it is to set up Sites correctly.
>
> Also, I think that you might not fully understand the whole concept of Sites
> yet. No worries on that - it will come. Essentially, Sites are a new
> concept in WIN2000 that allow you to have one domain spread across multiple
> geographic locations. So, instead of having a child domain for each
> location ( for example ) you can have the same domain in multiple locations.
> What most people will tell you is that you use Sites to control Active
> Directory Replication as well as 'assist' clients in logging on to the
> 'local' Domain Controller ( where 'local' is typically defined as within the
> same subnet - which is why it is important to set up Sites and then set up
> the Subnets and associate each Subnet with the correct Site ).
>
> HTH,
>
> Cary
>
>
> "Alex Anderson" <AAnderson@Murrieta.org> wrote in message
> news:%23Hw9bLjLEHA.2456@TK2MSFTNGP12.phx.gbl...
> > Herb,
> >
> >     I'm a bit confused by your statement "but it is not essential to do it
> > that way." Are you saying, yeah you can do it that way but it's not the
> > right way, or yeah you can do it that way but not necessary? As for the
> > last question I posed, once I have added the new site successfully into my
> > forest, will my clients experience downtime in any way? My plan was to get
> > the site up, then go around and join the computers to the new site. Will I
> > have to join the computers to the new site or will there be another DC (the
> > new site) in the GINA login drop-down box? I've never done this before, so
> > I'm not sure what to expect.
> >
> > Thank you for your help.
> >
> > Alex Anderson
> >
> > "Herb Martin" <news@LearnQuick.com> wrote in message
> > news:u4dau8iLEHA.1312@TK2MSFTNGP12.phx.gbl...
> > > "Alex Anderson" <AAnderson@Murrieta.org> wrote in message
> > > news:#VQBh6gLEHA.2388@TK2MSFTNGP09.phx.gbl...
> > > > Herb,
> > > >
> > > >     Okay, so what you're saying is, set up the new second site first
> > > > under ADSS then dcpromo the new server into that site? Also, at this
> > > > site, they
> > >
> > > I am saying "That works." but it is not essential to do it
> > > that way.
> > >
> > > > are currently authenticating to the existing domain, when I add this
> > > > new site to my existing domain, will my current clients that are
> > > > authenticating to the first default site (existing DC) be affected in
> > > > any way?
> > >
> > > Yes, they will start PREFERRING the local (same site) DC but
> > > still authenticate against the other one (other site) if it is down.
> > >
> > > --
> > > Herb Martin
> > > >
> > > > Thank you
> > > > Alex Anderson
> > > >
> > > > "Herb Martin" <news@LearnQuick.com> wrote in message
> > > > news:eOF0klZLEHA.3684@TK2MSFTNGP12.phx.gbl...
> > > > > "Alex Anderson" <AAnderson@Murrieta.org> wrote in message
> > > > > news:uWilEeXLEHA.2388@TK2MSFTNGP09.phx.gbl...
> > > > > > Hello Everyone,
> > > > > >
> > > > > >     When I add an additional site to my domain, do I dcpromo the
> > > > > > server first then add it to an existing domain
> > > > > > or do I set up the site links, subnets
> > > > > > under ADSS first?
> > > > >
> > > > > If you set up the second site first, and install the new
> > > > > server IN one of its subnets then when you DCPromo it
> > > > > it SHOULD end up in the correct site.
> > > > >
> > > > > If not, or if you do it the other way around, you can "right-click
> > > > > & Move" it.
> > > > >
> > > > > > Simply, what is the order of operation when adding an
> > > > > > additional site to your domain?
> > > > >
> > > > > Add it when you add the network.
> > > > >
> > > > > Or at your first opportunity after the forest is created.
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>
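
Added example, not part of the thread: a small Python model of the behaviour Cary and Herb describe, where a client is placed in a Site by its subnet, prefers a DC in that Site, and falls back to any other DC in the domain. The subnets, the site names and `dc1` are constructed; picking the most specific subnet and the first reachable DC are simplifying assumptions of this model.

```python
import ipaddress

# Constructed sample topology: subnets, site names and dc1 are hypothetical.
SUBNET_TO_SITE = {
    "10.1.0.0/16": "SiteA",
    "10.2.0.0/16": "SiteB",
}
DCS = [
    {"name": "dc1.existingdomain.com", "site": "SiteA", "up": True},
    {"name": "newDCname.existingdomain.com", "site": "SiteB", "up": True},
]

def site_for(ip, subnets=SUBNET_TO_SITE):
    """Return the site of the most specific subnet containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, site in subnets.items():
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, site)
    return best[1] if best else None

def pick_dc(ip, dcs=DCS, subnets=SUBNET_TO_SITE):
    """Prefer a reachable DC in the client's site, else any reachable DC."""
    site = site_for(ip, subnets)
    alive = [dc for dc in dcs if dc["up"]]
    local = [dc for dc in alive if dc["site"] == site]
    chosen = (local or alive or [None])[0]
    return site, (chosen["name"] if chosen else None)

def wan_logons(client_ips, dcs=DCS, subnets=SUBNET_TO_SITE):
    """Clients that map to no site or whose chosen DC is in another site."""
    out = []
    for ip in client_ips:
        site, dc = pick_dc(ip, dcs, subnets)
        dc_site = next((d["site"] for d in dcs if d["name"] == dc), None)
        if site is None or dc_site != site:
            out.append((ip, site, dc))
    return out

if __name__ == "__main__":
    # Constructed clients; the last address has no subnet object defined.
    clients = ["10.1.5.20", "10.2.7.31", "10.3.0.9"]
    for row in wan_logons(clients):
        print("cross-site or unmapped:", row)
```

A client on a subnet that was never associated with a Site shows up in `wan_logons`, which is the case Cary's advice about associating each Subnet with the correct Site is meant to prevent.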


