Re: Site Creation
- From: "T. Uranjek" <toniuranjek@xxxxxxxxxxx>
- Date: Mon, 20 Nov 2006 18:09:36 +0100
Hi!
If there is direct access to internet on CO site, I would configure
forwarder on CO-DC to point to ISP DNS server. This solution should be
faster (otherwise your DNS queries will have to go through VPN tunnel). And
there is another benefit to this solution: NY site (or VPN link) can go down
and you will retain internet access in CO.
Toni
"Russ" <russell_munisteri@xxxxxxxx> wrote in message
news:OzDNOWMDHHA.1224@xxxxxxxxxxxxxxxxxxxxxxx
I would think the CO DC would point the my NY DC's? why wouldn't they?
"T. Uranjek" <toniuranjek@xxxxxxxxxxx> wrote in message
news:eMk9$GMDHHA.2328@xxxxxxxxxxxxxxxxxxxxxxx
None. :D You should decide if forwader should point to external (ISP) DNS
or CO-DC's DNS should point to NY-DC. I would go with external ISP.
Toni
"Russ" <russell_munisteri@xxxxxxxx> wrote in message
news:O%23lGz$LDHHA.4404@xxxxxxxxxxxxxxxxxxxxxxx
"The question that remains is the one regarding DNS
forwarder for CO DC"
What info do you need?
"T. Uranjek" <toniuranjek@xxxxxxxxxxx> wrote in message
news:er2AE2LDHHA.4228@xxxxxxxxxxxxxxxxxxxxxxx
Hi!
If all ports within tunnel are open, than you should be fine (if i
understand your network setup correctly). The only thing that you
should do is to set up new DC with correct IP and DNS address before
promoting it to DC. You can check name resolution with nslookup. Before
you run dcpromo on CO-DC, DNS should point to NY DC. After setup is
completed implement AD integrated DNS, configure all CO clients to
point to local DNS, configure CO DNS to point to itself. The question
that remains is the one regarding DNS forwarder for CO DC.
Toni
"Russ" <russell_munisteri@xxxxxxxx> wrote in message
news:O2R1ibLDHHA.2328@xxxxxxxxxxxxxxxxxxxxxxx
Toni, within my VPN tunnel, all ports are opened. The VPN tunnel is
provided by two Cisco PIX firewalls. I have a few questions:
1) If I add a new site to my current AD setup, will that create any
type of problems? For example, down time? 2) Do I have to create
static mappings on my firewall from my current DC's to my new DC in
CO? Or do the DC's know where each other are no matter where they are
located?
"T. Uranjek" <toniuranjek@xxxxxxxxxxx> wrote in message
news:OyWvTWLDHHA.2328@xxxxxxxxxxxxxxxxxxxxxxx
Hi!
If you have VPN tunnel between sites this shouldn't be necessary. If
there is a firewall it should be confugured to allow AD replication,
please check these two articles:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/deploy/confeat/adrepfir.mspx
and
http://support.microsoft.com/kb/179442
HTH
Toni
"Russ" <russell_munisteri@xxxxxxxx> wrote in message
news:ek1s3aKDHHA.4132@xxxxxxxxxxxxxxxxxxxxxxx
Would you know if I have to create any static mappins on the
firewall between the two DCs?
"Russ" <munruss@xxxxxxxxx> wrote in message
news:OrW9A2$CHHA.4680@xxxxxxxxxxxxxxxxxxxxxxx
No, the bandwidth is fine.
"T. Uranjek" <toniuranjek@xxxxxxxxxxx> wrote in message
news:eBFRmFpCHHA.3924@xxxxxxxxxxxxxxxxxxxxxxx
Hi!
That depends on available bandwidth of your WAN link and size of
Active Directory database. If WAN link is slow and database is
big, your suggestion is right. Otherwise you could add new DC on
CO location. Install Support Tools and use Replication Monitor to
monitor or force replication after you're done.
HTH
Toni
"Russ" <russell_munisteri@xxxxxxxx> wrote in message
news:e6%23Ah9oCHHA.3524@xxxxxxxxxxxxxxxxxxxxxxx
Thank you Toni. The NY site is our current site and running. I
have to create the CO site now. Now, as far as building the DC,
should I promote my server to a DC while on my NY domain and then
move it to the CO site once I am done?
"T. Uranjek" <toniuranjek@xxxxxxxxxxx> wrote in message
news:OXSQOfoCHHA.3380@xxxxxxxxxxxxxxxxxxxxxxx
Hi!
1. Create two sites (for example NY-Site, CO-Site).
2. Move DCs to appropriate sites.
3. Create and configure inter-site link.
4. Create subnet object 192.168.1.0/24 and link it to NY-Site.
5. Create subnet object 192.168.100.0/24 and link it to CO-Site.
You should use Active Directory Sites and Services to perform
these steps.
Note: You can rename "Default-First-Site-Name" to NY-Site.
HTH
Toni
"Russ" <russell_munisteri@xxxxxxxx> wrote in message
news:eXZyHDoCHHA.3836@xxxxxxxxxxxxxxxxxxxxxxx
I'm a bit confused with the steps that I have to take with the
following
senario:
In my current NY location, I have two Windows 2000 AC domain
controllers. I
have to setup a new site in CO. The CO office will have about
20 employees.
I want to install a DC in CO and have it authticate users
there. The two
offices will communicate through a VPN tunnel, which is proved
by two Cisco
PIX firewalls. All ports within the VPN tunnel are open. The
subnet of the
CO clients are 192.168.100.x and the subnet of my current
location is
192.168.1.x.
Can the experts out there help me create this? Thank you...
.
- Follow-Ups:
- Re: Site Creation
- From: Russ
- Re: Site Creation
- References:
- Site Creation
- From: Russ
- Re: Site Creation
- From: T. Uranjek
- Re: Site Creation
- From: Russ
- Re: Site Creation
- From: T. Uranjek
- Re: Site Creation
- From: Russ
- Re: Site Creation
- From: Russ
- Re: Site Creation
- From: T. Uranjek
- Re: Site Creation
- From: Russ
- Re: Site Creation
- From: T. Uranjek
- Re: Site Creation
- From: Russ
- Re: Site Creation
- From: T. Uranjek
- Re: Site Creation
- From: Russ
- Site Creation
- Prev by Date: Re: Event ID 2019 and Event ID 333
- Next by Date: Re: Installing WSUS
- Previous by thread: Re: Site Creation
- Next by thread: Re: Site Creation
- Index(es):
Relevant Pages
|
