I'm back again with more questions. I've attempted this one for 3 weeks before I asked. Here it goes:

I have two servers. for this purpose we will call them A1 and A2.
A1 is the primary domain controller.
A2 is a secondary domain controller. <- if I have it set up right.
I've tried having 2 domains:
A1 - a.)
A2 - b.)
Doesn't work. They don't share, and I don't like that setup. I need one domain.

I need both servers to be on the same domain.
I need them to share the active directory attributes.
I need them to work together to offer different services.
A1 is a login server, DHCP, DNS, Web Interface
A2 is an Exchange server and file server
and in 4 months there will be an A3, as a web server (but we don't have to deal with that today)
Now, A1 has two NIC cards, Intranet and Internet. Works correctly (thanks to this site). A2 connects to a hub that the clients also pull from. Do I need to move the server to be parallel with A1? For example, use a simple hub from the cable modem, run cables into both servers, and have 2 NIC cards in each computer, so then I can run those 2nd cards out to the main hub? Is that confusing? See, I ask because when I get this problem fixed, I'm installing a firewall in front of my front-end servers, so it will be Modem->firewall server->TLGS1 and TLGS2->9 clients.

I will be adding more points to this question, because as I typed it I realized I am confused. I think some of my problem is in the architecture of the network.

Please help with any comments I will try and report results.


JammyPak Commented:
A2 doesn't need to be a domain controller unless you want it to perform domain logins. Just make it a member of the domain (run dcpromo to demote it, and then add it to the domain in the 'System' settings (properties of 'My Computer', or System icon in the control panel)).

if it is a domain member, then it will have access to all user accounts in the domain - you can create the file shares and add permissions to domain users and groups, and also run exchange on that server

from what I read in the question, I don't see why A2 would need to have 2 nics...however, when you install the firewall, you'll need to set up address translation so that the public IP address that your MX records point to (i.e. where the mail gets delivered to) is then mapped to the internal IP address that A2 is using. once the FW is there, I don't see why A1 needs to have 2 nics either, but that's another story!

The following web site and its subsequent links have always been a great help to me in setting up AD domains etc..

iwalmsley (Author) Commented:
Cool. I will try that when I get to the office this evening, I think that will get me in the right direction. About the firewall: I use 2 NIC cards there and take 1 out of the A1 machine, correct? I only forward the ports I need to the server that serves that application. i.e. points to my public ip (I can't remember the port, but let's say 1040) I would forward port 1040 to the local IP of A2, correct? A1 only uses Terminal Services so I would have to let those ports through the firewall as well. All other communication is outbound. Correct?

iwalmsley (Author) Commented:
Ok.. worked on what you said. I dcpromo'd the A2 machine, everything is good. Was having problems installing Exchange, it said something about finding the Active Directory, needed to log on to a Windows 2000 domain.. I installed ADC (Active Directory Connector) included on the Exchange disc, and those errors went away, now I receive this error:
"The component "Microsoft Exchange Messaging and Collaboration Services" cannot be assigned the action 'install' because the NNTP component of Microsoft Internet Information Services IIS is not installed".
Ok - So I try to go to Start-Programs-Administrative Tools- I don't have those tools. Even if I log off and log in to A2 (instead of the domain), they are not there.
I can share files and access the servers, PART A of my question has been solved, just not Exchange.
For exchange - you can add the NNTP component - go in to 'Add/Remove Programs' and switch to 'Windows Components' , then go into 'Application Server', then Details, and IIS, then Details, and select the 'NNTP Service'

for the Firewall - yes, you're right - there's 2 NICs in the firewall - one private (inside), one public (outside). You then configure port forwarding for only the ports you need to only the servers you need. for example, for mail, you'll need to forward tcp port 25 to the internal address of the exchange server. the steps will be different depending on the firewall, but that's what you need to do.

once the web server is in, you'll need to forward tcp port 80 to it.
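
The forwarding advice above ("only the ports you need to only the servers you need") can be checked against a firewall's rule list. The following is an added example, not part of the original answer: the rule export format, the `audit` function and all internal addresses are hypothetical and constructed for illustration.

```python
import re

# Intended policy from the thread: SMTP to the Exchange server (A2) and,
# once it exists, HTTP to the web server (A3). Addresses are constructed.
POLICY = {("tcp", 25): "192.168.1.20",   # A2, Exchange
          ("tcp", 80): "192.168.1.30"}   # A3, web server

# Constructed rule export in a hypothetical format, one rule per line:
#   <proto> <external port | range | any> -> <internal ip>:<internal port>
SAMPLE_RULES = """\
tcp 25 -> 192.168.1.20:25
tcp 80 -> 192.168.1.10:80
tcp 1000-2000 -> 192.168.1.20:1000
udp any -> 192.168.1.10:0
"""

RULE = re.compile(r"^(tcp|udp)\s+(any|\d+(?:-\d+)?)\s*->\s*([\d.]+):(\d+)$")

def audit(rules_text, policy=POLICY):
    """Return (line_no, message) findings; line_no 0 means a policy gap."""
    findings, seen = [], set()
    for n, line in enumerate(rules_text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = RULE.match(line)
        if not m:
            findings.append((n, "unparsed rule, review by hand"))
            continue
        proto, ports, target, _ = m.groups()
        if ports == "any" or "-" in ports:
            findings.append((n, f"{proto}/{ports} forwards more than one port"))
            continue
        key = (proto, int(ports))
        if key not in policy:
            findings.append((n, f"{proto}/{ports} is not a required service"))
        elif policy[key] != target:
            findings.append((n, f"{proto}/{ports} goes to {target}, expected {policy[key]}"))
        else:
            seen.add(key)
    # Required services with no correct forward (e.g. mail would not arrive).
    for proto, port in sorted(set(policy) - seen):
        findings.append((0, f"{proto}/{port} has no correct forward"))
    return findings

if __name__ == "__main__":
    for line_no, msg in audit(SAMPLE_RULES):
        print(f"line {line_no}: {msg}" if line_no else f"policy: {msg}")
```
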
iwalmsley (Author) Commented:
Ok.. JammyPak: thanks. How do I find proof that AD is being used from A1? I want to make sure, before I delete Exchange on A1 (where it was before), that it works. Any tests I can perform? Raised points for followup. Thanks
on A1, when you login, in the 'Log in to' drop-down box, select the Domain and try logging in as a domain user account.
iwalmsley (Author) Commented:
Thanks!!! Log on was successful. So with what you said, I will be able to use my AD users from A1, in my Exchange on A2. I think that's another question, so I award points to you. Thanks. If I'm wrong with my assessment above, please post and I'll ask another question in this forum.

Thanks again.
Yes, A2 is in the domain, so the domain users are available to it