dannydudek
asked on
Temporary separation of domain controllers
I have Windows 2003 Server domain setup (two domain controllers).
My company is moving office, turns out that in order of having new phone system setup in place correctly, we need to have our domain in place before the actual move.
Unfortunatelly VPN is not an option.
I'm thinking - if I take one of the domain controllers (or create a new one) and disconnect from domain (move over to the new office), join necessery phone system servers to it, and then move the rest of the domain over - would that work? Would the AD changes that has been done to this domain controller over separation period will be propagated to the other domain controller and vice-versa?
My company is moving office, turns out that in order of having new phone system setup in place correctly, we need to have our domain in place before the actual move.
Unfortunatelly VPN is not an option.
I'm thinking - if I take one of the domain controllers (or create a new one) and disconnect from domain (move over to the new office), join necessery phone system servers to it, and then move the rest of the domain over - would that work? Would the AD changes that has been done to this domain controller over separation period will be propagated to the other domain controller and vice-versa?
yes it will as long as it is setup before you move. Your ip address will probably change but you should be fine.
There are, however, some significant caveat - how long will these DCs be disconnected? They must be able to replicate with each other within a 60-day period at the outside most, or one of the DCs will need to be forcibly demoted and re-added to AD after a metadata cleanup. Additionally, keep in mind that if DC1 cannot communicate with DC2, any changes that take place will not be replicated between them - for example, if a user in office1 changes their password and then needs to go to office2 for a day, DC2 will not have received the updated password.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Oh, how about if I add computer to the domain on DC2 (separate from the rest of the domain) and then join it all together? Will this PC be still joined properly to the domain, or will it be erased?
ASKER
BTW domain will be separatelly only for 3 weeks
Once the DCs see one another again, the changes you've made on either side (including joinig computer accounts) will consolidate resulting in a converged and happy directory.