Re: Remote Site Design and DC Configuration
- From: "Mathieu CHATEAU" <gollum123@xxxxxxx>
- Date: Sat, 25 Aug 2007 18:49:09 +0200
Yes, of course.
The DC is not a router.
If you do so, it won't work.
--
Cordialement,
Mathieu CHATEAU
http://lordoftheping.blogspot.com
"Mathieu CHATEAU" <gollum123@xxxxxxx> wrote in message news:uIGR0kw5HHA.1204@xxxxxxxxxxxxxxxxxxxxxxx
Hello,
Do you have only one AD domain/forest? I guess so.
In AD Sites (dssites.msc), create as many sites as IP subnets (one should match on the remote site).
Attach each DC of each site to its AD site, so computers in the remote site will connect to it all the time if available.
On each remote site, make the DC DHCP + DNS.
On remote workstations, give them their local DC as primary DNS, and the head office DC as secondary. All through local DHCP.
GPOs will be synced between DCs and will be applied.
Now about problems that can occur:
- The WAN link can be down => the local DC has what is necessary to maintain service for some time
- The remote DC can be down => workstations will go to the head office DC if the DHCP lease is still valid
- The head office may be down => same as link down
So to protect, you will:
- give a long lease time, say one or even 2 days
- maybe put two DCs if the remote site is big
You may have an issue with FSMO roles if there is only one DC at head office. The operation master mustn't be on a DC which is a Global Catalog, or all DCs must be Global Catalogs.
Do you use Exchange?
--
Cordialement,
Mathieu CHATEAU
http://lordoftheping.blogspot.com
"Neil" <Neil@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:522D1B24-5AB6-42F0-B95B-AD1C6FEB17CF@xxxxxxxxxxxxxxxx
Hi,
I came across this new design for DCs in remote sites. I have not done
anything like this, but I am not sure whether it is the correct way to have
done it. Correct me if I am wrong.
There are 4 remote sites. Each remote site has a single domain controller
and the workstations are getting their DHCP address from the domain
controller through a helper address via the router. The workstations' gateway
is the router and not the domain controller.
I am not sure how the following will be:
1. Authentication for users in remote sites? Will it be local authentication
or will it be via the WAN to the main site?
2. How will the Group Policy be applied?
Is this the way it should be in design for redundancy if the remote domain
controllers fail?
Earlier, what I had done is the remote sites' workstations' gateway is to the
DC and they authenticate to the remote domain controller, get their policies
and scripts from remote domain controllers. And, I know with this, that if
the remote DC goes down then users will not be able to authenticate and
login. But, I had another domain controller in remote sites which I could
easily turn on the Global Catalog and they should be able to login through
that and the KCC will be built from that domain controller to the main site.
Your design help would be much appreciated.
thanks in advance
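
The site and subnet setup described in the reply above, as an added example that is not part of the original thread. It uses the ActiveDirectory PowerShell module (newer than this 2007 discussion); the site names, subnets, DC names and the domain example.local are constructed placeholders, and it assumes the default site link DEFAULTIPSITELINK still exists.

```powershell
# Added example: all names and subnets below are constructed placeholders.
# Requires the ActiveDirectory module (RSAT) and rights on the Sites container.
Import-Module ActiveDirectory

$sites = @(
    @{ Name = 'Remote-Site-1'; Subnet = '10.1.0.0/24'; DC = 'DC-REMOTE1' },
    @{ Name = 'Remote-Site-2'; Subnet = '10.2.0.0/24'; DC = 'DC-REMOTE2' }
)

foreach ($s in $sites) {
    # One AD site per remote location
    if (-not (Get-ADReplicationSite -Filter "Name -eq '$($s.Name)'")) {
        New-ADReplicationSite -Name $s.Name
        # A site outside every site link does not replicate with head office
        Set-ADReplicationSiteLink -Identity 'DEFAULTIPSITELINK' `
            -SitesIncluded @{ Add = $s.Name }
    }

    # The subnet object is what maps a workstation's IP address to its site
    if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$($s.Subnet)'")) {
        New-ADReplicationSubnet -Name $s.Subnet -Site $s.Name
    }

    # Attach the remote DC's server object to its own site
    Move-ADDirectoryServer -Identity $s.DC -Site $s.Name
}

# Check 1: every DC with its site and Global Catalog flag
$dcs = Get-ADDomainController -Filter *
$dcs | Sort-Object Site |
    Format-Table Name, Site, IPv4Address, IsGlobalCatalog -AutoSize

# Check 2: sites with no DC; clients there authenticate across the WAN
Get-ADReplicationSite -Filter * |
    Where-Object { $_.Name -notin $dcs.Site } |
    Select-Object Name

# Check 3: subnets not tied to any site; clients in them get an arbitrary DC
Get-ADReplicationSubnet -Filter * |
    Where-Object { -not $_.Site } |
    Select-Object Name

# Check 4, run on a remote workstation: which site and DC it actually uses
nltest /dsgetsite
nltest /dsgetdc:example.local
```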