Re: set up a dc in a remote site (2)
- From: "e2k3" <txl008@xxxxxxxxxxx>
- Date: Thu, 29 Jun 2006 13:45:04 +1000
Hi Jorge,
yes, the forward zone replicates between the two DCs. This can be verified
by looking at the serial number on both DCs. They are same.
However, I got event 4515 each time the server is rebooted.
Should I just ignor this?
Thanks,
"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:%23SnymEQmGHA.4212@xxxxxxxxxxxxxxxxxxxxxxx
- do you have any FW between the DCs?
- What errors do you see on the DC eventvwr
--
I hope that the information above helps you
Good Luck
Jorge Silva
MCSA
Systems Administrator
"second dc" <txl008@xxxxxxxxxxx> wrote in message
news:uIbdW9LmGHA.4716@xxxxxxxxxxxxxxxxxxxxxxx
"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:eyqZMVFmGHA.4064@xxxxxxxxxxxxxxxxxxxxxxx
Assuming that your gold is to add an Aditional DC for an existent domain
Inline
1. Create a new site and associated new subnet on the hub site DC;
??? - When you create a New Site ("Let's say Branch Site") you need to
create and associate the new subnet to the Branch Site. This subnet
corresponds of the subnet that is in use on Branch Site.
- Main Site - Subnet of the Main Site
- Branch Site - Subnet of the Branch Site
or
- Main Site - 192.168.0.x/24
- Branch Site - 192.168.1.x/24
Yes, I did this.
2. Associate hub site with its subnet
- and the Branch Site with its subnet
- Main Site - 192.168.0.x/24
- Branch Site - 192.168.1.x/24
Yes, as above.
3. Install base OS on the new server;
4. Configure the server NIC using DNS at hub site so that it can
resolve the name of DC at the hub site;
5. Install DNS component but not configure it;
6. Run dcpromo on the new server;
- I also said that in order to this particular configuration you would
need to make your DNS zone AD Integrated.
Yes, on the hub site the first DC it holds an AD Integrated DNS zone.
yes.
The new server was promoted to a DC succssfully. After a short while,
AD users and computers appeared on the new DC. However, a few problems
observed, mainly related to the DNS replication:
1. the reverse zones replicated without problems but the forward zones
could not replicated to the new DC even waited for two hours;
- Assuming that at this point you still have the Branch DC NIC primary
DNS pointing to the DC on the Main Site.
- Is your Forward DNS Zone Active Directory Integrated?yes.
- Go to Active Directory Sites and Services -> Expand Branch Site, DC,I think I did this but nothing happened.
NTDSSettings, right click the connection object and click replicate now
(you can also use repadmin).
- If any error occurs you should see errors in eventviewer (you can alsoI did this. But
use repadmin from support tools, repadmin /showreps).
2. on the new DC, the NTDS settings can auto-generate connections with
the hub site DC; but on the hub site DC the NTDS settings of the new
site was empty;
- check if there are registry entries for the Branch DC on the Main Site
DNS DC.
- Go to Active Directory Sites and Services -> Main Site, DC,
NTDSSettings, right click and choose check replication topology, then
refresh the Site to see if any new connection was generated.
Yes, I finally realised this. But the forward zone just could not
3. The event log shows that there were some name reolution issues;
4. If I change the NIC settings on the new server so that it uses
itself as DNS then the new server would not resolve the name of the hub
DC - as the forward DNS zones nt replicated yet;
5. If I keep the NIC settings so that the new server uses hub DC as DNS
then there was a NetBT error occurred every 35 minutes;
You need the Forward Lookup Zone Transfered to the Branch DC before you
point it to itself.
automatically transferred to the new DC.
That was the major issue I had. Don't know why. The reverse zones
transferred quickly though.
There must be something blocked the forward zones transfer.
--
I hope that the information above helps you
Thanks a lot Jorge. But I just don't know which step I did wrong. Not
patient enough?
Good Luck
Jorge Silva
MCSA
Systems Administrator
"second dc" <txl008@xxxxxxxxxxx> wrote in message
news:uKzsi$$lGHA.1912@xxxxxxxxxxxxxxxxxxxxxxx
Hi experts,
this follows the thread under the same topic that I started on
16/6/006.
I just followed the steps that I summarised (recommanded by Jorge):
1. Create a new site and associated new subnet on the hub site DC;
2. Associate hub site with its subnet;
3. Install base OS on the new server;
4. Configure the server NIC using DNS at hub site so that it can
resolve the name of DC at the hub site;
5. Install DNS component but not configure it;
6. Run dcpromo on the new server;
The new server was promoted to a DC succssfully. After a short while,
AD users and computers appeared on the new DC. However, a few problems
observed, mainly related to the DNS replication:
1. the reverse zones replicated without problems but the forward zones
could not replicated to the new DC even waited for two hours;
2. on the new DC, the NTDS settings can auto-generate connections with
the hub site DC; but on the hub site DC the NTDS settings of the new
site was empty;
3. The event log shows that there were some name reolution issues;
4. If I change the NIC settings on the new server so that it uses
itself as DNS then the new server would not resolve the name of the hub
DC - as the forward DNS zones nt replicated yet;
5. If I keep the NIC settings so that the new server uses hub DC as DNS
then there was a NetBT error occurred every 35 minutes;
It apeared to me that the DNS replication was waiting for information
from the server connection in the NTDS settings, while the NTDS
settings was wating for DNS info to replicate across sites.
What I did was below:
1. on the new server set DNS in the NIC settings points itself;
2. add entries in host files on DCs of both sites so that they can
resolve name each other witout DNS;
3. create a secondary forward zone on the new DC that copy DNS data
from the hub site DC; then change the zone type from secondary to
primary and select "store data in active directory". This makes the
forward zone becomes AD-integrated.
4. reset the frequency of the site link replication to a short time
(eg. 15 minutes) to force information replicated sooner.
5. After doing all of these, I can see gradually the server connections
info synchronized between two sites and DNS info replicated gradually -
the _msdc zone and domaindnszone, forestdnszone all replicated to the
new DC.
My question is:
1. is there a better way to guarrantee the forward DNS zone replicated
automatically?
2. Was I doing the right thing? Now, on the hub site DC I receive every
an hour a MrxSmb error, sayiing that the new DC believes it was the
master browser for the domain ...... How to get rid of it?
Thanks in advance,
.
- Follow-Ups:
- Re: set up a dc in a remote site (2)
- From: Jorge Silva
- Re: set up a dc in a remote site (2)
- References:
- set up a dc in a remote site (2)
- From: second dc
- Re: set up a dc in a remote site (2)
- From: Jorge Silva
- Re: set up a dc in a remote site (2)
- From: second dc
- Re: set up a dc in a remote site (2)
- From: Jorge Silva
- set up a dc in a remote site (2)
- Prev by Date: Re: can only login with upn after a password change policy applied
- Next by Date: Re: LDAP Error 58 (re-post)
- Previous by thread: Re: set up a dc in a remote site (2)
- Next by thread: Re: set up a dc in a remote site (2)
- Index(es):
Relevant Pages
|
Loading
