Seperating locations in AD

Posted on 2007-08-06
Last Modified: 2010-03-17
How do  you seperate locations in Active Directory?  I just upgraded a NT4 BDC to 2003 AD and I'm testing it before I make it active.  I want to seperate the Chicago plant, the Phoenix plant, and the Miami plant from eachother.  that way the users/computer accounts go into those locations instead of just the "general domain" like we had in the NT4 domain.
Question by:rbeattie27
    LVL 31

    Accepted Solution


    Use OU (organizational units) to organize objects in your domain. You might consider using AD sites and subnets if your network is physical separated (not on the same LAN). In this case each location (site) has to have its own DC and at least one IP subnet defined.



    Author Comment

    I've seen that done at a previous location but a few of the sites didn't have a DC.  How did they do that?

    Author Comment

    Sorry, our other sites do have seperate subnets but I don't want to have to build a DC for 10 computers at a remote facility.
    LVL 70

    Assisted Solution

    If you have seperate geographical locations then you can define subnets in Active Directory Sites and Services and then create sites and allocate one or more subnets to each site. Proper use os sites reduces intersite traffic, especially if you set up a domain controller on each site with a global catalog (as is the recommended setup).

    When you use sites clients should be set to point to the local DC for their DNS and will use a DC on their own site for authentication in perference to other DCs.

    All computer and user accounts will be replicated to all domain controllers in the domain - as is always the case with Active Directory - which allows other DCs to be used should any DC fail or be unavailable and also means that users who move between sites will be abole to log on without issues.
    LVL 31

    Expert Comment

    by:Toni Uranjek
    It's pointles to create site in AD sites and services without domain controller. Just create IP subnet and associate it with nearest site.

    Featured Post

    PRTG Network Monitor: Intuitive Network Monitoring

    Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

    Join & Write a Comment

    One of the major disadvantages of still running XP in production is its lack of Internet Explorer Favourites directory redirection. If your users frequently roam between computers, the usual workaround is to enable Roaming Profiles to have the favou…
    [b]Ok so now I will show you how to add a user name to the description at login. [/b] First connect to your DC (Domain Controller / Active Directory Server) SET PERMISSIONS FOR SCRIPT TO UPDATE COMPUTER DESCRIPTION TO USERNAME 1. Open Active …
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now