Remote site - single domain
#1
Hi there,
Many of MS's examples explain setting up a branch office on a child domain; even though this is great, it can be a bit complicated for smaller environments. Most installations of remote sites always talk about setting up the DC on the HQ and then shipping it to the required location; what if this is not possible?

Say we have Site 1 - New York with the following settings. Server 2008 Standard on all DCs.

NY-DC1-WK2 - AD/DNS/DHCP
192.168.10.2 = IP
192.168.10.2 = DNS1
192.468.10.3 = DNS2

NY-DC2-WK2 - AD/DNS
192.168.10.3 = IP
192.168.10.2 = DNS1
127.0.0.1 = DNS2

Then we acquire Site 2 - Chicago. This will have 20 users. We will install two Domain Controllers for redundancy; the link between offices is a hardware VPN with good speed. DHCP is currently done via the router.

192.168.20.1 = default gateway and DNS

CH-DC1-WK2 = First Domain Controller - AD/DNS/DHCP
192.168.20.2 = IP

What's the best way to configure the first DC on a remote site? Would you use the DNS of the main site's DNS (192.168.10.2) and then change it? Obviously you would create a different site and create the subnet before doing this.

Any suggestions really grateful.

Many thanks in advance,
G.

Last edited by gabi_cavaller; 17th February 2010 at 16:10.
#2
So what is your question?
You can promote it over there and replicate it over the VPN network. You can install and promote the DC at the main office and ship it... You can install and promote a DC at the remote site and install AD using backup...
__________________
Marcel Netherlands http://www.phetios.com http://blog.nessus.nl MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE No matter how secure, there is always the human factor.
#3
I suggest this excellent Train Signal Lab that deals word for word exactly with your question.
http://www.trainsignal.com/Windows-S...ining-P34.aspx
__________________
"There I stood at the bar, wearing a Mae West, no jacket, and beginning to leak blood from my torn boot. None of the golfers took any notice of me - after all, I wasn't a member!" Kenneth Lee - after being shot down during the Battle of Britain on the 18th August 1940.
** Remember to give credit where credit is due and leave reputation points where appropriate **
#4
Personally, as long as the VPN is functioning, I have not had any issues with creating a DC at a remote site.
The only issue is that you will need to use DNS names, not NETBIOS ones, if there is a choice.
As long as you wait a fair length of time for replication to work, and ensure DNS is replicating OK, all will be well if you follow the normal procedure.
__________________
Tom Jones MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+ PhD, MSc, FIAP, MIITT IT Trainer / Consultant Ossian Ltd Scotland ** Remember to give credit where credit is due and leave reputation points where appropriate **
#5
It does within reason, however, the example they give is using a child domain, I am using one domain for all sites. Additionally, it doesn't show the TCP/IP settings for the First Domain Controller in the remote site
#6
My question is, what are the settings of the first DC in a remote site. Replication will be via VPN.
Bit more of an explanation below.

Last edited by gabi_cavaller; 20th February 2010 at 16:20.
#7
Exactly.
The reason why I am asking is that when you create a DC on a remote site, not from a backup or anything, from a fresh install, when you run DCPROMO, you need to point your DNS settings to an existing DC. Once you have converted the server into a full DC with DNS, the DNS settings should automatically change from pointing to the existing DC to itself. This has not happened.

The issue I have is that unfortunately, even though the DC is fully installed, the DNS settings are still pointing to the DNS server in the "main" office. I have never encountered this before. Does this make sense?

So where would one go from here? Sure, I can change the DNS settings to point to itself; however, what about all the DNS queries from the local members? Any requests will go to the local DC and then those requests will be pushed over the VPN to the "main" site DC?

Additionally, the initial replication went well, pulled all the OUs and everything accordingly; however, any changes that were made to the AD on either site did not replicate. Strange.

Thanks again for taking the time to reply.
#8
DNS settings are bound to the network adaptor and will not automatically change.
It is one of your post install tasks, after you have installed DNS on the remote DC and allowed it to replicate -- you change the LAN card settings to give localhost as the main DNS and the central site DC as secondary.
You would also install DHCP on the new DC and set up the same DNS options -- local DC first, central DC second and maybe local router (if it supports DNS) as a 3rd fallback option.
__________________
Tom Jones MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+ PhD, MSc, FIAP, MIITT IT Trainer / Consultant Ossian Ltd Scotland ** Remember to give credit where credit is due and leave reputation points where appropriate **
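
The post-install tasks from the reply above, written out as commands for the thread's Chicago DC (an added example, not part of the original posts). The connection name "Local Area Connection" and the DHCP scope 192.168.20.0 are assumptions; the IP addresses are the ones given in the first post.

```bat
@echo off
rem Added example: post-promotion DNS/DHCP settings for CH-DC1-WK2 (192.168.20.2).
rem Assumptions: the NIC is named "Local Area Connection" and the DHCP role is
rem installed with a scope 192.168.20.0 already created for the Chicago subnet.
rem Run from an elevated prompt on the new DC.

set NIC=Local Area Connection
set CENTRAL_DC=192.168.10.2
set LOCAL_DC=192.168.20.2
set SCOPE=192.168.20.0

rem 1. Before touching the resolver: check inbound replication and DNS health.
rem    Review the output; do not continue while either one reports failures,
rem    otherwise the DC ends up pointing at a local DNS service with no zone data.
repadmin /showrepl
dcdiag /test:dns
pause

rem 2. NIC settings: this DC first (loopback), central-site DC second.
netsh interface ipv4 set dnsserver name="%NIC%" source=static address=127.0.0.1 register=primary
netsh interface ipv4 add dnsserver name="%NIC%" address=%CENTRAL_DC% index=2

rem 3. DHCP option 006 (DNS servers) for Chicago clients:
rem    local DC first, central DC second.
netsh dhcp server scope %SCOPE% set optionvalue 006 IPADDRESS %LOCAL_DC% %CENTRAL_DC%

rem 4. Re-register this DC's A and SRV records against the new resolver order,
rem    then confirm the adapter shows 127.0.0.1 followed by 192.168.10.2.
ipconfig /flushdns
ipconfig /registerdns
net stop netlogon && net start netlogon
ipconfig /all

rem 5. Replication check in both directions after the change.
repadmin /replsummary
```

DHCP on the router (192.168.20.1) has to be switched off before the scope on the DC is activated, so that clients do not keep receiving the router as their only DNS server.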
#9
Ossian, thanks.
That's great.