Re: configuration of 2 remote sites

Dan,

I am jumping in here in the middle of the conversation, so forgive me if I
am repeating something that was stated earlier.

Generally, there are only a few circumstances where you want to create more
domains in your forest or a subdomain. These are: to provide security
boundaries (different security or password policies), to support
administrative fiat or regulatory compliance, to protect yourself from
geopolitical security issues.

Generally, you can handle most situations with a single domain and
appropriate use of OUs. There are exceptions to everything, but this is a
good general guideline.

Hope this helps.
--
Ryan Hanisco
MCSE, MCTS: SQL 2005, Project+
Chicago, IL

Remember: Marking helpful answers helps everyone find the info they need
quickly.


"Dan Andrews" wrote:

I'm assuming that you want to add the new servers as additional DCs,
correct?

Yes, thats correct. So when running dcpromo on the remote sites I would
create an additional domain controller for an existing domain? Or create a
separate domain? NOTE: The users at the remote siites will need to access
the exchange mailboxes.
--
Thanks a lot,
Dan


"Jorge Silva" wrote:

please see inline
I will add the 2 remote sites into AD Sites and services at corporate with
the appropriate subnets, then when you say "When running DC promo..." you
mean on the 2 remote servers correct?
Correct. You should (IMO) configure the sites and assign the proper subnets
to these sites and then use IFM to promote the new additional servers, by
doing this way the servers will be automatically placed on the correct site.

Would these then be part of the
existing forest at Corporate?
I'm assuming that you want to add the new servers as additional DCs,
correct? If I'm wrong, and you only want to add the new servers as member
servers (NO AD) then you shouldn't need to create additional Sites (unless
you're using DFS or any other app site aware), instead just assign the
subnet to the site where you want the servers to be authenticated.

--
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MCSE, MVP Directory Services
"Dan Andrews" <dan4u2@xxxxxxxxxxxxxxxx> wrote in message
news:1F3874EC-1ABE-4A3C-8808-F05F174DF7D7@xxxxxxxxxxxxxxxx
Thank you Jorge for your fast response! I have a couple questions if I
may?
I will add the 2 remote sites into AD Sites and services at corporate with
the appropriate subnets, then when you say "When running DC promo..." you
mean on the 2 remote servers correct? Would these then be part of the
existing forest at Corporate?
--
Thanks,
Dan


"Jorge Silva" wrote:

Hi
Create the Remote Sites on the Active Directory Sites and services,
configure and assign the correct subnet to that site(s).
To save bandwidth you can use IFM CHECK:
http://support.microsoft.com/kb/311078
When running Dcpromo, AD will automatically place the servers in the
correct
site assuming that you already configured them.
All the rest of the process is equal as adding a additional DC. Is a good
practice to have a DNS at these locations, the DC should be GC, because
you're using different subnets you may want to setup WINS at these remote
locations, etc...
--
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MCSE, MVP Directory Services
"Dan Andrews" <dan4u2@xxxxxxxxxxxxxxxx> wrote in message
news:D89C206C-2679-4C77-A9E3-048605E2A548@xxxxxxxxxxxxxxxx
Hello,
I am looking for some help on how to setup 2 remote locations and
what
is
required. Corporate has 2 windows 2003 servers 1 domain controller 1
exchange server as a member server. We need to setup 2 remote
locations
and
are purchasing 2 new servers running 2003 server. There will be a vpn
configured to corporate from each of the locations. What is the
recommended
setup for the remote locations? Would I install AD or run them as
members
of
the domain? How would AD be setup as to not take up too much bandwidth?
In
this configuration I am assuming the remote user would authenticate to
the
local DC? What about the Global Catalog? would I make a remote DC a GC
as
well?

Thanks a lot,
Dan Andrews
--
Thanks,
Dan






.

Relevant Pages

  • Re: configuration of 2 remote sites
    ... remote servers as member servers in an existing Domain? ... So when running dcpromo on the remote sites I would ... You should configure the sites and assign the proper subnets ...
    (microsoft.public.windows.server.active_directory)
  • Re: configuration of 2 remote sites
    ... mean on the 2 remote servers correct? ... You should configure the sites and assign the proper subnets ... to these sites and then use IFM to promote the new additional servers, ... you're using different subnets you may want to setup WINS at these remote ...
    (microsoft.public.windows.server.active_directory)
  • Re: SQL2005 fails to install on Cluster
    ... I usually get this error if I'm logged on more than one servers using Remote Desktop, so ensure that you are logged off from other servers. ... Ensure that you are logged off from the other one first and start SQL Server Setup to install Clustered Services again. ...
    (microsoft.public.sqlserver.setup)
  • Re: What happens to my W2K domain controllers
    ... Make sure you make the remote dc's gc's as well ... >> offices (running AD-integrated DNS) ... > 2003 member servers. ... >> 8) Run dcpromo on all four old W2k DCs to demote them to member servers. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Question - Remote sites without servers over vpn
    ... it is okay to leave the "remote" subnets associated to your Main Site. ... > see why I didn't want to put servers there. ... > I added their subnets to our hub ...
    (microsoft.public.win2000.active_directory)