Solved

AD server resiliency for two offices

Posted on 2007-03-30
7
266 Views
Last Modified: 2010-03-17
Dear Sir,
I am new to AD.    I have two offices (one in UK, one in US) and I am going to setup one AD server in each office.   I will only have one corporate domain.     If I want to have AD server resiliency, in case either server fails,  the remaining server can still provide AD service to users in both offices

(1) What shall I set on the two servers
(2) What shall I set on the client PC of the two offices
(3)Any auto replication that can reduce my work load

thx a lot
Eric
0
Comment
Question by:bigeric
  • 3
7 Comments
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18825294
If you configure both DCs in the same domain, they will replicate AD information between them automatically.

You need to configure two separate AD sites, one for each office, and configure the subnets that correspond to each office.  Because AD is "site-aware" you need to do this so that your US clients will authenticate to the US DC and the UK will authenticate to the UK, otherwise you'll be getting calls complaining of slow logon times as clients try to authenticate across the WAN.  (What kind of connectivity do you have between the two offices?)  Check out the following support webcast on configuring Sites & Subnets in AD 2003: http://support.microsoft.com/kb/909429

As far as client configuration is concerned, configure the US office to point to the US DC as its primary DNS with UK as their secondary, and vice versa.

Hope this helps.

Laura  E. Hunter - Microsoft MVP: Windows Server - Networking
0
 

Author Comment

by:bigeric
ID: 18828296
Dear Sir,

Thx for your reply.   The connection between the two offices is just Internet, therefore I perfer two servers to provide AD service to local users only in normal case.  Only when there is problem on either server, the remaining server will provide service to users in both locations.

Do I need to manually create user account/service/permission in both servers or it will replicate automatically ?

thx
Eric
0
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 250 total points
ID: 18828368
As I stated above: if you configure both DCs in the same domain, they will replicate information between them automatically.

That said, I recommend that you watch the following webcast to familiarize yourself with some of the basics of Active Directory before attempting to deploy it in a production network: http://www.microsoft.com/technet/community/events/ad/tnt1-98.mspx


0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18828411
You should also reference http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Q_22474493.html for information that we've already provided to you on this topic.
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Redirected folders failing strangely. 8 43
AD - Domain Admins Group - Track changes 4 55
New-Aduser from SQL 27 35
Using pwdlastset and lastlogontimestamp together 25 33
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question