Re: Floating Computer between domains

You really don't want multihomed DCs. Windows itself is generally weak in this area but with DCs it can get especially bad with DNS registrations and other issues.

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm


JoshG wrote:
I can't have any other machines communicating between the two networks
other than the DC's. So setting up an unrestricted router won't work.

What are the issues with setting up a "multi-homed" DC? chances are
that we can live with those....

--Josh

On Dec 5, 6:54 am, "Jorge Silva" <jorgesilva...@xxxxxxxxxxx> wrote:
Don't make your DC a multihomed DC.
Place an additional router between these two subnets, and you have 2
options:
1 - If you want to allow communications between the 2 DCs, create in each DC
a persistent route that forces the use of the unrestricted router.
2 - If you want to allow DCs and clients to comunicate with the other
subnet, just configure the existing router to redirect requests to the
additional router to the required subnet.

--
*************************************************
I hope that the information above helps you
Good Luck

Jorge Silva

MCSA + Exchange + MSCE
*************************************************

"JoshG" <Inbi...@xxxxxxxxx> wrote in messagenews:1165183259.366779.28320@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Ok, thats what I thought,
In that case, can I simply put a second network card into the domain
controllers so that they can communicate with eachother over a
dedicated subnet, that way only the domain controllers could
communicate with eachother, all other machines in the respective
networks would have to talk to the domain controller that is connected
to their subnet.
Does this work? Or do all the domain controllers have to be able to see
all computers in the domains?
Thanks guys
--Josh
On Dec 1, 3:58 pm, "JoshG" <Inbi...@xxxxxxxxx> wrote:
These two networks are PHYSICALLY DISCONNECTED.
so the two forests cannot communicate with eachother. the reason for
this is that the system that runs on these computers uses ethernet
broadcast methods to preform it's work and cannot be allowed to
interfer with the other instance of the system. (not my design, and I
can't do anything about this). So perhaps if I need to setup a trust,
could I install another NIC into the domain controller on isolated
network, and then allow it to talk to the DC on the other network...
Would this work allowing the two DC's to communicate with eachother?
Could I then make this interfacing domain controller a part of the set
for the main domain?
Joe Richards [MVP] wrote:
When you say two different networks, do you mean physically
disconnected? I.E. The forests cannot communicate with each other? If
they are connected and can communicate, then you can set up a trust. If
not you are in a bit of a spot. Assuming the latter, I would set this
up
by running Virtual PC or VMWare workstation on the laptop. Then I would
load another copy of the OS in a guest VM and that would be used for
talking to one domain. The main laptop would be used for talking to
another domain.
I do something like this for work only the laptop itself isn't in any
domain, I run VPC and any customers I deal with that I need to work on
their network, I set up a VM for each of them and I use that VM
exclusively when working on their stuff. I also have a VM for talking
to
my company network I work for.
joe

.

Relevant Pages

  • Re: Floating Computer between domains
    ... can I simply put a second network card into the domain ... communicate with eachother, all other machines in the respective ... networks would have to talk to the domain controller that is connected ...
    (microsoft.public.windows.server.active_directory)
  • Re: Floating Computer between domains
    ... So setting up an unrestricted router won't work. ... can I simply put a second network card into the domain ... communicate with eachother, all other machines in the respective ... networks would have to talk to the domain controller that is connected ...
    (microsoft.public.windows.server.active_directory)
  • Wireless users unable to get to domain controller
    ... We have wired users that are on a 10.25.27.x network and others on a ... 28.x people are on a wireless. ... communicate with the AP by use of a WEP key. ... them to map to the domain controller. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Active Directory problem
    ... >> You might also want to configure the DCs in the branch offices not to ... >> When joining a computer to a domain, that same computer does not yet know ... >> from registering domain service records and will register only site wide ... they are not joining the correct domain controller (DNS is ...
    (microsoft.public.windows.server.dns)
  • Re: DNS problems after domain rename
    ... Hi Dani, ... Fixdomainsuffix.vbs file to correct the domain name on the two DCs. ... Log on to the domain controller by using an account that has domain ... registry value to registry file on both DCs. ...
    (microsoft.public.windows.server.general)
Loading