
2003 servers at remote sites

I have 3 remote locations currently and they all connect to HQ by means of T1 lines.  I would like to eliminate some of the traffic that is being pulled over these lines by putting a server at each of the remote sites.  My goal would be to have DHCP, DNS, Document Redirection, User Authentication and so on happen on a local server as opposed to pulling it across the link.  My questions are:
What role should these servers be?
How do you tell the users at that site to get group policy and authentication from the local server as opposed to the main DC?
Asked:
cjewett
 
Mazaraat Commented:
You would install the servers as DCs (secondary), configure the DNS, DHCP, etc. for the site.  Then in AD Sites and Services configure each site:

open AD sites&services
expand Sites->
expand->Subnets
add each subnet and specify which Site they should be using

You may have to add the site links and sites if they are not present after the install and promotion of the DC.


http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/activedirectory/stepbystep/adsrv.mspx
0
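The subnet-to-site mapping described in the answer above decides which DC a client authenticates against, so a missing or overly broad subnet object sends branch logons back over the WAN link. The following is an added example, not part of the original thread, that checks a machine inventory against a subnet table using the most-specific-subnet match that AD applies; the site names, address ranges and hostnames are constructed.

```python
import ipaddress

# Constructed stand-in for the Subnets container in AD Sites and Services.
# Site names and address ranges are hypothetical.
SUBNET_TO_SITE = {
    "10.0.0.0/8": "HQ",          # broad catch-all subnet object
    "10.1.0.0/24": "Branch-A",
    "10.2.0.0/24": "Branch-B",
    "10.3.0.0/24": "Branch-C",
}

# Constructed inventory: (host, IP address, site the machine physically sits in).
INVENTORY = [
    ("hq-pc01", "10.0.5.20", "HQ"),
    ("bra-pc01", "10.1.0.50", "Branch-A"),
    ("bra-pc02", "10.1.1.20", "Branch-A"),     # new VLAN, no subnet object yet
    ("brc-pc01", "192.168.3.15", "Branch-C"),  # range never added to AD
]


def site_for(ip, table=SUBNET_TO_SITE):
    """Return the site of the most specific subnet containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    matches = [
        (net.prefixlen, site)
        for net, site in ((ipaddress.ip_network(c), s) for c, s in table.items())
        if addr in net
    ]
    return max(matches)[1] if matches else None


def audit(inventory, table=SUBNET_TO_SITE):
    """List machines whose resolved site differs from where they really are."""
    findings = []
    for host, ip, location in inventory:
        resolved = site_for(ip, table)
        if resolved != location:
            findings.append((host, ip, resolved))
    return findings


if __name__ == "__main__":
    for host, ip, resolved in audit(INVENTORY):
        print(f"{host} ({ip}): resolves to {resolved or 'no site'}")
```

A machine that resolves to HQ through the catch-all, or to no site at all, is one whose logon and group policy traffic is not pinned to the local DC.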
 
cjewett (Author) Commented:
I will give that a try.  Do I actually need to do the config of the server at the remote site?  I make it a secondary DC before I do the AD Sites and Services, correct?
 
Mazaraat Commented:
Yes, make it a DC before you configure sites and services...make sure it's replicating also =)

You don't 'have' to do the config at the remote site...I usually bring up the server locally and promote them...to make sure there are no comm problems.
 
cjewett (Author) Commented:
So it would be ok to promote it while it has an IP address in the HQ subnet?
Then I move it to the proper subnet when I move the server?
Is there anything special I have to do for the configuration of DHCP, WINS, DNS for it to function properly at the remote site?
 
lavazzza Commented:
I would absolutely not promote it to a DC at the headquarters, it will hose DNS when it arrives at the branch location.  Once there you will need to change the IP address of a DC, then change SOA and NS records across the domain.

Instead, when I am prepping a box for a remote install I do what's called an IFM, or install from media.  What that entails is using ntbackup to back up the system state of a known good DC. I then take the bkf and move it to the new box, I assign it an IP address in the subnet of the new network.  I extract the .bkf to an alternate location and perform a <dcpromo /adv>.  During the setup I specify the location where it should get the sysvol info (default it says network, change it to the location of the extracted system state files).  At this point it is a DC and fully replicated. Enable remote admin.
Once the Server is in its new location, remote in and set up DNS (I typically use AD integrated DNS with secure updates), DHCP and the sites.  Make sure to check the global catalog checkbox in the server ntds settings to limit authentication traffic.  I have used this method and it works like a charm.  
 
kb article on IFM
http://support.microsoft.com/?id=311078
 
cjewett (Author) Commented:
So when you are doing the dcpromo /adv you do it at your HQ or at the remote site?
 
lavazzza Commented:
If you do it at the HQ, make sure it has the IP address of the remote site, or if you have a fully routed network, which it appears that you have, just enable remote desktop or make sure you have a pair of smart hands on site, and do it at the location.  The beautiful part about IFM is that you do not have to have connectivity to the rest of the domain.