Re: Sites Setup and Connectivity

From: ptwilliams (ptw2001_at_hotmail.com)
Date: 05/26/04 

Date: Wed, 26 May 2004 20:47:32 +0100

Whether or not you're going to need to open ports on the f/w depends on how
you are connecting through it -VPN no, normal AD traffic yes.

For a list of ports see this article:
http://support.microsoft.com/?kbid=150543

I assume that all of these sites are internal? If so, there isn't a
problem. Nor will there be one with a public address, unless the public
address is truly public in that it can be accessed from the Internet. What
IP addresses you use don't matter, as long as the subnets are correctly
defined.

You configure the subnets in AD Sites and Services, and then assign subnets
to sites. With this done, when you run dcpromo, your machine will
'discover' what site it is in and assign itself to that site.

You will need to establish site links. Once these are setup let the ISTG
([Inter] KCC) generate the appropriate connection objects -don't create
manual ones.

The main thing is to get DNS up and running properly before anything else.

Post all of your questions and concerns...and we'll get you through this
endeavour ;-)

Paul.
____________________________
"Enrique" <edentone_removethis_@hotmail.com> wrote in message
news:12d5b01c44357$a7ac01e0$a301280a@phx.gbl...
> I am in the process of connecting 5 sites. One site is not
> behind a firewall and the other 4 are.
>
> The site that is not behind a firewall will be housing the
> Domain controller for the domain. I want the other 4 sites
> to connect and replicate data and be child domains to the
> existing domain.
>
> All these sites are connected via a T1 line. How do I go
> about joining the domain at Site 1 from the other sites?
> Do I need to open any particular ports from the sites
> behind the firewalls? How do I tell DCPROMO.exe where to
> find the DC at the remote sites?
>
> Also, the main site with the DC has a public IP where the
> other sites all maintain private IPs. Any and all
> suggestions to this situation would be greatly appreciated.
>
> Thanks,
>
> Enrique

Relevant Pages

  • Re: POP3 and SBS 2003 Problem
    ... >> DO you mean you have this HORRENDOUS list of ports open incoming ... > Linksys Firewall. ... I don't recommend anyone connecting via POP - you will invariably end ... public websites on your server. ...
    (microsoft.public.windows.server.sbs)
  • RE: N00b Question
    ... The method you mention has man flaws, namely, multiple hosts. ... uses multiple IP address and ports for connecting. ... No need to sit there and block ports. ... For MSN/yahoo chat you can block the ports in your external firewall. ...
    (Security-Basics)
  • Re: issues with Intel Pro/1000 and 1000baseTX
    ... It's connected to a HP Procurve 1700-24 switch which supports 1000baseTX on ... much older end user system which uses the same card, ... problem connecting at 1000baseTX. ... I have of course tried switching ports. ...
    (freebsd-questions)
  • Re: issues with Intel Pro/1000 and 1000baseTX
    ... It's connected to a HP Procurve 1700-24 switch which supports 1000baseTX on ... much older end user system which uses the same card, ... problem connecting at 1000baseTX. ... I have of course tried switching ports. ...
    (freebsd-stable)
  • Re: Anyone successfully bonding 2 ether ports?
    ... I am a bit rusty on this, but if you setup the box with 2 ports configured with one IP address your connected layer 2 switch also needs some intelligence to know that you are running it this way. ... From memory Cisco's CDP use to get into trouble and had to be disbled if you setup a "loop" between two of their devices (eg connecting two L2 switches with two cables) in this way. ...
    (alt.os.linux.suse)