Link to home
Start Free TrialLog in
Avatar of menreeq
menreeq

asked on

SBS R2 and additional domain controllers

My understanding is that Smalll Business Server 2003 R2 now allows additional domain controllers that are also global catalogs to be part of the SBS network.  Is that the case?  Are there any limitations?
Avatar of vsg375
vsg375
Hi,

The constraints remain the the same as with SBS, i.e :

1. There can only be one DC running SBS in the forest
2. The SBS DC must have ALL FSMO roles
3. The SBS domain cannot have child domains
4. You cannot create trust relationships with other domains
5. The SBS server must be the root of the AD forest

However, you may have other W2K3 DCs set up as global catalogs, for redundancy purposes, but we're talking W2k3, not SBS.

It's all explained here :

http://www.microsoft.com/windowsserver2003/sbs/evaluation/topmyths.mspx

HTH
Cheers
Avatar of Brian Pierce
Brian Pierce
Flag of United Kingdom of Great Britain and Northern Ireland image
Yes its true - indeed it is recommended that you have additional Windows 2003 DCs for resillance and backup.

Install Windows 2003 on the new machine
Assign the new computer an IP address and subnet mask on the existing network
Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain (normally the existing domain controller)

Join the new machine to the existing domain as a member server

From the command line promote the new machine to a domain controller with the DCPROMO command from the command line Select Additional Domain Controller in an existing Domain

Once Active Directory is installed then to make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand ,Sites, Default first site and Servers. Right click on the new server and select properties and tick the Global Catalog checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

Assuming that you were using Active Directory Integrated DNS on the first Domain Controller, DNS will have replicated to the new domain controller along with Active Directory.

If you are using DHCP you can spread this across the domain controllers, In a simple single domain this is easiest done by Setting up DHCP on the second Domain controller and using a scope on the same network that does not overlap with the existing scope on the other Domain Controller. Dont forget to set the default gateway (router) and DNS Servers. Talking of which all the clients (and the domain controllers themselves) need to have their Preferred DNS server set to one domain controller, and the Alternate DNS to the other, that way if one of the DNS Servers fails, the clients will automatically use the other,

Both Domain Controllers by this point will have Active Directory, Global Catalog, DNS and DHCP. and the domain could function for a while at least should any one of them fail.

As this is SBS server the five FSMO roles MUST remain on the SBS server.
Avatar of Philip Elder
Philip Elder
Flag of Canada image
Just to add to KCTS's excellent post: Make sure that you install DNS on the new W2K3 server before running DCPromo. You do not need to do anything with it, just let Active Directory pick it up and configure it during the DCPromo process.

Installing DNS after the fact on a DC can lead to issues.

Philip
ASKER CERTIFIED SOLUTION
Avatar of Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial