2 Subnets and 1 DC

Hi,

We have a customer currently on the 192.168.0.x subnet; they have moved a few users to another building down the road. We opted for a 1Mb SDSL connection and VPN tunnel. The new office is on 192.168.2.x and we can ping both subnets fine.

Can someone please advise what changes we need to make to the DC in the main subnet 192.168.0.x so that the users in the other subnet are part of the domain? At present they are obtaining their IP settings from the local Draytek router, which is issuing the DNS server from the main subnet and an internet DNS server.

There is currently no plan to put a DC in the 2nd subnet.

Any suggestions welcomed.

Regards
Scott
rdswaddi Asked:
 
Brian Pierce (Photographer) Commented:
If you are going to use the DHCP in the main office then you need to be aware that DHCP uses broadcasts and these don't normally go through routers. If your routers are RFC 1542 compliant they will have the option to allow/forward DHCP broadcasts; if not, then you will have to use a local DHCP server or DHCP proxy.

Also bear in mind what I said about the DNS server and default gateway settings.
0
 
iCoreKC Commented:
This should be no problem.  The only change needed is a new subnet entry in Sites and Services, even though the subnet doesn't have a DC.  AD will then know about this new subnet and this will help with authentication.  Put it in the same Site as the 1st subnet, probably the Default First Site, and that should do it.

Domain membership for the workstations in the new building will need to be addressed and I am assuming that the user accounts have been created.  From that point it's just a point of testing.

Everything else looks good.  You don't really need to do anything on the 1st subnet.  
0
 
Brian Pierce (Photographer) Commented:
If you are using Microsoft RRAS then you can set up an IP pool on the RRAS server which could allocate IP addresses to the VPN clients or you can stay with DHCP on the router - but not both!

Whichever you use, the clients need to be given the Windows DNS server as their preferred DNS server, and no other DNS server should be specified, otherwise they will not be able to contact the domain. The default gateway must also be specified.

You can then attach them to the domain as you would any other computer.
0
 
rdswaddi (Author) Commented:
Thanks for your help guys. The machines have already been added to the domain (just physically been moved).

So can I create a new scope in DHCP and have that allocate the IPs to the 2nd subnet?

Thanks
Scott
0
 
rdswaddi (Author) Commented:
That's great thanks. So if only one DNS server is specified will the users on the 2nd subnet end up using the internet connection from the main subnet to browse the web? Unless I specify the Draytek as a proxy?

Regards
Scott
0
 
Brian Pierce (Photographer) Commented:
All domain members (workstations, servers and domain controllers) MUST use the Windows DNS server (normally the domain controller) as the preferred and only DNS server; the alternate DNS server can be used if you have multiple local DNS servers. This applies whatever subnet the machines are on.

This is necessary because computers use DNS not only to resolve local host names to IP addresses but also to locate Domain Services.

In order to allow the machines to resolve external names, you normally specify your ISP's DNS servers as forwarders on the Forwarders tab in the properties setting of the DNS server in the DNS console.
0
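
The answer above makes two points that can be checked from a workstation in the 192.168.2.x office: that only the Windows DNS server is configured, and that the domain controller locator record resolves through it. The following is an added example, not part of the original thread; the domain name `corp.example` and the server address `192.168.0.10` are placeholders, and it assumes Windows 8 / Server 2012 or later for the DnsClient cmdlets.

```powershell
# Added example. Both values below are placeholders; replace with your own.
$Domain     = 'corp.example'      # assumed AD DNS domain name
$AllowedDns = @('192.168.0.10')   # assumed Windows DNS server(s) in the main subnet

function Test-DomainDnsConfig {
    param(
        [string]   $Domain,
        [string[]] $AllowedDns
    )
    $findings = @()

    # 1. Every IPv4 DNS server on the client must be an internal Windows DNS server.
    #    A router-issued internet resolver alongside it is reported as a finding.
    $nics = Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses.Count -gt 0 -and $_.InterfaceAlias -notmatch 'Loopback' }
    foreach ($nic in $nics) {
        foreach ($addr in $nic.ServerAddresses) {
            if ($addr -notin $AllowedDns) {
                $findings += "$($nic.InterfaceAlias): unexpected DNS server $addr"
            }
        }
    }

    # 2. The DC locator SRV record must resolve through each allowed server.
    $srv = "_ldap._tcp.dc._msdcs.$Domain"
    foreach ($server in $AllowedDns) {
        try {
            $dcs = Resolve-DnsName -Name $srv -Type SRV -Server $server -DnsOnly -ErrorAction Stop |
                Where-Object { $_.Type -eq 'SRV' }
            if (-not $dcs) { $findings += "$server returned no SRV records for $srv" }
        } catch {
            $findings += "$server could not resolve ${srv}: $($_.Exception.Message)"
        }
    }
    return $findings
}

$result = Test-DomainDnsConfig -Domain $Domain -AllowedDns $AllowedDns
if ($result) {
    $result | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output 'DNS configuration OK'
}
```

A warning naming an address outside `$AllowedDns` means the client is still receiving an extra resolver from DHCP, which is the situation described in the question.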
 
iCoreKC Commented:
You need to have both DNS servers set up in your scenario.  Primary to your DC and Secondary to your ISP, however the Primary DNS server will forward requests to the Root DNS boxes on the internet.

Your AD DNS server is critical as your clients at your off-site location need to be able to resolve names internally as well as domain resources which are only available on your DNS server.
0
Question has a verified solution.