Re: Help with setting up Sites.
- From: "Al Mulnick" <amulnick_No_SPAM@xxxxxxxxxxx>
- Date: Sat, 3 Feb 2007 13:43:39 -0500
Check the docs about Windows, but some of the role holders should not be
GC's in multi-domain environments such as you describe (check the support
docs for the words "Phantom" and so role holders and see Ulf's doc here:
http://msmvps.com/blogs/ulfbsimonweidner/archive/2005/03/08/37975.aspx). If
you go to a single domain-multiple forest topology, then it should be fine
to make every DC a GC and in fact it would be recommended.
Within a site, the client is responsible for finding the DC. There are
algorithms that assist with that but that tends to be slightly different per
operating system revision and application. Basically, the client member
should lookup the DC and Site information in DNS and then try to contact a
DC/GC (depending :)
Does that help?
"Michael" <admin@xxxxxxxxxxxxx> wrote in message
news:en3a5G8RHHA.4260@xxxxxxxxxxxxxxxxxxxxxxx
Thanks for the prompt really. Glad to see i've not really missed the
general idea of it again this time.
I guess it should be quite easy seeing as though all servers at Site A are
on one vlan and all workstations are on another vlan.
And the same for Site B - yet theirs are different.
Therefore defining the subnets should be quite easy?
There should be no downtime at all should there for anything. If a server
is on the wrong subnet then it will just authenticate with another site DC
i guess - until we can change its address?
I'll try and answer the questions you asked as well below:
I do agree that most of what i am doing will be a formality but we do
envisage growth and so another physical site and data centre in a few
years is not out of the question.
So how many Domains do you have? [And why more than one with so few
people and locations?]
Forest Root Domain
Domain A
(Domain B - almost got rid of this now and not inlcuding it in any
conversations as it is gone really) - I will delete all this before i set
the sites/subnets up.
Domain C - A hosting domain for other companies. I want to get this in a
seperate forest really if i can plan some down time -again - this will be
done first.
Stupid and too many i know - hence why i wish to sort it out now.
Is there a problem with making every DC a GC? I don't understand why every
DC in every company is not a GC - what is the disadvtange? I will indeed
make every one of ours a GC before i start.
A bit about adding secondary DCs to each site (So 2 on site A and 2 on
site B) - I agree with what you say about this being overkill and i
probably wont bother to do it (just we have the hardware left over so
thought i would ask the question). You say that it could imporve
performance for local users if they can authenticate against either DC at
that site - how does this work exactly?
Could i therefore have:
Site A - respresenting physical site B
DC01 (GC)
ADC01 (GC)
ADotherDC03 (GC)
Site B- respresenting physical site B
DC02(GC)
ADC02(GC)
ADotherDC04 (GC)
Once again thanks for your time and suggestions.
Michael.
"Herb Martin" <news@xxxxxxxxxxxxxx> wrote in message
news:uST6U07RHHA.1860@xxxxxxxxxxxxxxxxxxxxxxx
"Michael" <admin@xxxxxxxxxxxxx> wrote in message
news:OKEwDG7RHHA.996@xxxxxxxxxxxxxxxxxxxxxxx
Hi,
After taking everyones advice on Sites and researching it further i
wanted to run past people and see what you think on this first draft of
a plan.
We have 2 physical sites(A and B) that are a few miles apart and wish to
setup sites and subnets to represent this and for DR style purposes.
[With ONLY two sites this is trivial since you CAN use the
Default-IP-Sitelink;
for those with more sites they must create their own (correct) sitelinks
and
remove the sites from the default sitelink. I, however think it is best
to go
ahead and do it 'right' for future growth and to document the setup.]
Company only has about 150 users as well. Currently everything is based
at Site A apart from a few users at site B - though this number and
servers is increasing by the day.
Do you have any DCs at SiteB? How about resource servers? If not DC
or resources servers the separate site may be merely a formality.
IF you are going to add a DC in that location it is however better to
create
the Sites and SiteLinks so that the (new) DC will place itself correctly
and automatically.
Root Domain in Forest has a DC01 (GC) and DC02 - Nothing is in here - no
computers or users. I'm not sure why but unfortunately we can't change
this now.
True.
So how many Domains do you have? [And why more than one with so few
people and locations?]
I planned on keeping DC01 (GC) at Site A and moving DC02 to phsyical
site B - therefore we are covered against a physical site problem.
Should DC02 be set as a GC also before we move this? Also can we just
literally unplug and move it across? (ignoring the sites/subnets for the
moment?)
In a single domain forest, or any tiny forest like yours, all DCs should
be GCs.
Anyway. Domain A is where all our users/computers/live servers are.
This has ADC01 (GC) and ADC02 (GC) currently both located at site A. Is
this right for both to be a GC?
Yes, in such a small forest, all DCs should be GCs.
I plan to physically move ADC02 (GC) to site B - again - can i just do
this?
If you also move the DC in AD Sites and Services.
I therefore propose in my AD sites and subnets i have:
Default first site name (A) - respresenting physical site A
Usually this would best be renamed to SiteA although it changes
nothing about the actual setup or performance.
DC01 (GC)
ADC01 (GC)
Site B- respresenting physical site B
DC02
ADC02(GC)
You probably don't need to move the DC02 from root domain to the
other location but there is nothing wrong with doing so.
I plan to have these on their respective subnets and obviously the
clients servers in the relevant sites to authenticate against them.
Create subnets in AD Sites and Services and assign them to the sites to
define each site.
My question is because we removed an old domain we have some DCs left
over - should we utiilse more for an extra one at each site or is this
overkill?
When you need fault tolerance for clients or servers of that domain then
you should have more than one from that domain -- with more users you
might also do this for performance.
Since you have nothing (no real users or resources) in the root domain,
it
is probably irrelevant to placement of DCs.
Also my Exchange 2003 server is for some reason in the list of default
servers. Should this be there? I don't mind - it can just be in Site A
if so.
It should be in the correct site (based on Subnet) although most
"servers"
and their clients are not YET "site-aware" so it does not make a huge
difference -- good practice says to put them in the correct site as you
go so that future encancements or additional services (like DFS) added
to those machines will "just work."
I then plan to replicate accross each site.
That is sort of a non-sequitur, then the DCs will require replication and
what you are doing it setting up in Sites and Services to get them to do
it correctly and efficiently.
Does this proposal sound ok?
I realise half of this may be wrong and so appreciate all the feedback
and suggestions.
There is nothing really wrong with the above, as long as you read and
consider
the slight caveats given above.
Thanks again (and determined to get these set up soon before Exchange
2007!)
Michael.
--
Herb Martin, MCSE, MVP
http://www.LearnQuick.Com
(phone on web site)
.
- Follow-Ups:
- Re: Help with setting up Sites.
- From: Brian Desmond [MVP]
- Re: Help with setting up Sites.
- From: Michael
- Re: Help with setting up Sites.
- From: Herb Martin
- Re: Help with setting up Sites.
- References:
- Help with setting up Sites.
- From: Michael
- Re: Help with setting up Sites.
- From: Herb Martin
- Re: Help with setting up Sites.
- From: Michael
- Help with setting up Sites.
- Prev by Date: Re: Help with setting up Sites.
- Next by Date: Re: Help with setting up Sites.
- Previous by thread: Re: Help with setting up Sites.
- Next by thread: Re: Help with setting up Sites.
- Index(es):
Relevant Pages
|
Loading
