Re: Rename AD domain name

Tech-Archive recommends: Fix windows errors by optimizing your registry


"Daniel" <Danieltbt05@xxxxxxxxx> wrote in message
news:1157897520.446350.92680@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
But how does AD going to replicate remotely if based on what you have
mentioned. I maybe getting wrong info. on what i get previously. I'm
just curious abt this. is it by vpn ? Thanks



Daniel,

Your DCs need to be able to communicate with each other via TCP/IP. This can
be done over any network, but if you are using the Internet (or any public
network) then the traffic really should be encrypted. The easiest, and most
popular way to do this, is via a site-to-site VPN between the sites that
have DCs.

If you have multiple forests, your DCs won't need to replicate with each
other's forest. Though you may want trusts between them.

One piece of advice I can give you is to keep it simple. Don't deploy
something that will become a nightmare to manage.

Good luck!
Oliver





Phillip Windell wrote:
"Daniel" <Danieltbt05@xxxxxxxxx> wrote in message
news:1157292860.026637.155650@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I'm just wondering how would multiple remote forest replication or
trust works if AD do not have a registered FQDN on internet ?

AD uses DNS on the DC. It has nothing to do with the Internet.
You need to get someone physically there to help you with this,...if you
are
confused about something like this then you are not ready to deploy
Active
Directory by yourself.
I don't mean that negatively,... I'd just like to have you avoid a bunch
of
the trouble you could get yourself into if things go wrong. There are
tons
of things about AD that are a lot more complex than this issue, that are
going to lead to disater if not done properly. Some things about AD have
to
be done right the first time,...there is no going back if done
incorrectly
short of starting over from scratch or a whole lot of "re-working".

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com



.

Relevant Pages

  • Re: Two domains, One Forest....
    ... problem is that everything Microsoft insists on doing multiple network ... Placing DCs of both domain is both locations ... those machines now when there is heavy VPN traffic). ... > Correct - no leased lines T1 to internet VPN tunnel via internet. ...
    (microsoft.public.win2000.security)
  • Re: Site to Site VPN works. How does traffic been routed?
    ... Phillip Windell www.wandtv.com "Bill Grant" wrote in message ... > Another thing which can make VPN seem slow is using ADSL. ... The VPN Device itself is smart>> enough to know the difference between Internet traffic and your "intranet">> traffic and handle it properly. ...
    (microsoft.public.windows.server.networking)
  • Re: Remote site w/o VPN?
    ... DCs that will need to talk to the main site's DCs - that's the only ... traffic that will have to get across the internet from site A to site B ... domain controllers encrypt connections by default? ... DCs sort of encrypt traffic but a VPN would be better if you must cross ...
    (microsoft.public.win2000.active_directory)
  • Re: Remote site w/o VPN?
    ... DCs that will need to talk to the main site's DCs - that's the only ... traffic that will have to get across the internet from site A to site B ... DCs sort of encrypt traffic but a VPN would be better if you must cross ...
    (microsoft.public.win2000.active_directory)
  • Re: Automatic site link bridging
    ... some are connected via IPSec VPN Tunnels (some errors on these ... This is one of the main purposes for custom Site Link Bridge-grouping: ... This means that each sites DCs can use those double, ... and every AD site has a site link back to the 'Hub' AD site ONLY). ...
    (microsoft.public.win2000.active_directory)