Re: Site Creation

"The question that remains is the one regarding DNS
forwarder for CO DC"

What info do you need?

"T. Uranjek" <toniuranjek@xxxxxxxxxxx> wrote in message
news:er2AE2LDHHA.4228@xxxxxxxxxxxxxxxxxxxxxxx
Hi!

If all ports within tunnel are open, than you should be fine (if i
understand your network setup correctly). The only thing that you should
do is to set up new DC with correct IP and DNS address before promoting it
to DC. You can check name resolution with nslookup. Before you run dcpromo
on CO-DC, DNS should point to NY DC. After setup is completed implement AD
integrated DNS, configure all CO clients to point to local DNS, configure
CO DNS to point to itself. The question that remains is the one regarding
DNS forwarder for CO DC.

Toni

"Russ" <russell_munisteri@xxxxxxxx> wrote in message
news:O2R1ibLDHHA.2328@xxxxxxxxxxxxxxxxxxxxxxx
Toni, within my VPN tunnel, all ports are opened. The VPN tunnel is
provided by two Cisco PIX firewalls. I have a few questions:

1) If I add a new site to my current AD setup, will that create any type
of problems? For example, down time? 2) Do I have to create static
mappings on my firewall from my current DC's to my new DC in CO? Or do
the DC's know where each other are no matter where they are located?

"T. Uranjek" <toniuranjek@xxxxxxxxxxx> wrote in message
news:OyWvTWLDHHA.2328@xxxxxxxxxxxxxxxxxxxxxxx
Hi!

If you have VPN tunnel between sites this shouldn't be necessary. If
there is a firewall it should be confugured to allow AD replication,
please check these two articles:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/deploy/confeat/adrepfir.mspx

and

http://support.microsoft.com/kb/179442

HTH

Toni

"Russ" <russell_munisteri@xxxxxxxx> wrote in message
news:ek1s3aKDHHA.4132@xxxxxxxxxxxxxxxxxxxxxxx
Would you know if I have to create any static mappins on the firewall
between the two DCs?

"Russ" <munruss@xxxxxxxxx> wrote in message
news:OrW9A2$CHHA.4680@xxxxxxxxxxxxxxxxxxxxxxx
No, the bandwidth is fine.

"T. Uranjek" <toniuranjek@xxxxxxxxxxx> wrote in message
news:eBFRmFpCHHA.3924@xxxxxxxxxxxxxxxxxxxxxxx
Hi!

That depends on available bandwidth of your WAN link and size of
Active Directory database. If WAN link is slow and database is big,
your suggestion is right. Otherwise you could add new DC on CO
location. Install Support Tools and use Replication Monitor to
monitor or force replication after you're done.

HTH

Toni

"Russ" <russell_munisteri@xxxxxxxx> wrote in message
news:e6%23Ah9oCHHA.3524@xxxxxxxxxxxxxxxxxxxxxxx
Thank you Toni. The NY site is our current site and running. I have
to create the CO site now. Now, as far as building the DC, should I
promote my server to a DC while on my NY domain and then move it to
the CO site once I am done?

"T. Uranjek" <toniuranjek@xxxxxxxxxxx> wrote in message
news:OXSQOfoCHHA.3380@xxxxxxxxxxxxxxxxxxxxxxx
Hi!

1. Create two sites (for example NY-Site, CO-Site).
2. Move DCs to appropriate sites.
3. Create and configure inter-site link.
4. Create subnet object 192.168.1.0/24 and link it to NY-Site.
5. Create subnet object 192.168.100.0/24 and link it to CO-Site.

You should use Active Directory Sites and Services to perform these
steps.

Note: You can rename "Default-First-Site-Name" to NY-Site.

HTH

Toni

"Russ" <russell_munisteri@xxxxxxxx> wrote in message
news:eXZyHDoCHHA.3836@xxxxxxxxxxxxxxxxxxxxxxx
I'm a bit confused with the steps that I have to take with the
following
senario:

In my current NY location, I have two Windows 2000 AC domain
controllers. I
have to setup a new site in CO. The CO office will have about 20
employees.
I want to install a DC in CO and have it authticate users there.
The two
offices will communicate through a VPN tunnel, which is proved by
two Cisco
PIX firewalls. All ports within the VPN tunnel are open. The
subnet of the
CO clients are 192.168.100.x and the subnet of my current location
is
192.168.1.x.

Can the experts out there help me create this? Thank you...



















.

Relevant Pages

  • Re: Site Creation
    ... DNS should point to NY DC. ... After setup is completed implement AD ... If you have VPN tunnel between sites this shouldn't be necessary. ... Create subnet object 192.168.100.0/24 and link it to CO-Site. ...
    (microsoft.public.windows.server.general)
  • Re: Whats the best solution?
    ... This will let it automatically log in and set up the tunnel. ... > You can then tunnel any TCP traffic through a secure channel to your server. ... > For DNS, use the IP address of the server you plan to use for the other end ... >> dedicated private server I have on the global internet, ...
    (freebsd-net)
  • Re: Site Creation
    ... or CO-DC's DNS should point to NY-DC. ... understand your network setup correctly). ... provided by two Cisco PIX firewalls. ... Create subnet object 192.168.100.0/24 and link it to CO-Site. ...
    (microsoft.public.windows.server.general)
  • Re: Whats the best solution?
    ... Also, to get the authentication to be automatic, ... You can then tunnel any TCP traffic through a secure channel to your server. ... For DNS, use the IP address of the server you plan to use for the other end ...
    (freebsd-net)
  • Re: Site Creation
    ... CO-DC's DNS should point to NY-DC. ... understand your network setup correctly). ... provided by two Cisco PIX firewalls. ... Create subnet object 192.168.100.0/24 and link it to CO-Site. ...
    (microsoft.public.windows.server.general)
Loading