[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Dividing Active Directory between two sites

Posted on 2007-10-15
Medium Priority
Last Modified: 2012-05-05
I need conceptual help and guidance for splitting an Active Directory domain into two sites.  Here is the situation.  I've inherited an AD with one domain.  We have Exchange Server, a file server, and a web server, as well as the DC.  My manager told me last Thursday that she needs information on what is necessary to move part of the staff to another location, which means the network will have to be split.  I don't know what all is involved with doing this.

Would you experts help me by steering me in the right direction as to what would be needed to split our network or even if it is feasible.  What makes matters worse is that this is a temporary situation since I believe we all will be moving to a new location where everyone will be on the same subnet again.

We have all company files on a central file server.  There is an Exchange server with three stores (management, group1, and group2).  We host our own websites in-house.  We have a 3/4 T1 coming in.

Some specific questions.
1. How should the networks be linked so that people in site 1 can access files in site 2 and vice versa.
2. How do I go about getting AD to recognizae site2
3. How should email be handled--We use outlook 2003 connected to Exchange server

I would really appreciate your help in this.  I'm not sure what approach to take.  Thanks.

- Reggie
Question by:rpcr
1 Comment
LVL 70

Accepted Solution

KCTS earned 2000 total points
ID: 20078779
Yiu don't neccessarily have to "split" Active Directory. All you have to do is take your current AD and define two sites. You can do this by defining at least one subnet for each physical location and then assign these to  logical sites in Active Directory Sites and Services. The two phisical sites would need to be connected - site-to-site VPN for example and users could contuniue to use the AD resources in much the same way as they do now.

If you want to add more resilliance you should place a domain controller in each site and also configure this and a global catalog, DNS and DHCP server. This would automatically replicate with the existing DCs and would provide resilliance. Users would normally log on to and be authenticated by their own DC reducing intersite traffic, but could automatically use the remote DC in the event of a problem.

Exchange could also continue to be used as at present, or you could add a second exchnage server if your needs warrent it.

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question