AD Sites and Services

I have four dealerships (separate subnets) linked by MPLS with two different domains in operation (actually two different forests, technically, I guess). Let's call them A.com and B.com. Three of the dealerships (previously a separate company) are on domain A.com and one is on B.com. A.com has a DC in each of its three dealerships with the PDC in the new headquarters building. B.com has its PDC in its separate building and a backup DC in the main headquarters building where A.com's PDC also resides. All domain controllers are running Server 2003, but the functional environment is Windows 2000 since A.com's DCs had been running Server 2000.

My question is how to properly set up Sites and Services with this two-domain situation. We have (or had) a two-way trust between A and B, but recently, I am only able to validate that trust from B's PDC to A and A's PDC in the main headquarters building to B. The DCs in the other two dealerships say they can't find a DC to validate the trust with B.

Under B's Sites and Services, I have two sites created, one for B's backup DC in the main building (with that backup DC as the server for that site) and one for the building the PDC is in, but under A's Sites and Services, I have only one site set up with all three DCs listed as servers for that site. I do, however, have all four different subnets listed under A's Sites and Services, but only two subnets listed under B's as of right now. Do I need to create a site under A for B, and vice versa, even though they're on different domains? Needless to say, I'm a little lost, and this is a long-winded question. Any help would be appreciated.
fabiouness Asked:
 
aissim Commented:
To answer your last question - no, you do not need to create a site for B under A or vice versa.

The Sites and Services MMC only pertains to DCs (and their replication) of the same domain - so A and B will be completely separate. It sounds like you have the DCs of B.com configured correctly... two sites, and two subnets that are assigned to those appropriate sites.

It sounds like A's sites and services needs some changes though. First, remove the subnet for the remote B.com building as nothing from domain A lives there. Second, create two more sites for the dealerships so you've got sites that represent all three locations. At the same time, assign the appropriate subnets to those two new sites - resulting in three different sites, each with their own subnet assigned. Lastly, move each of the two DCs that are currently in the main building's site to their appropriate (newly created) site.

I'd start there and we'll see if your problems go away!
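The site layout check described in the answer above, as an added example that is not part of the original thread: it models A.com's subnet objects and DC server objects and reports DCs on different subnets sharing one site, and DCs whose server object sits in a different site than their subnet maps to. All site names, DC names and addresses are constructed, and it assumes one subnet per building as in the question.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data; names and addresses are assumptions, not from the thread.
SUBNETS_ONE_SITE = {"10.1.0.0/24": "HQ", "10.2.0.0/24": "HQ",
                    "10.3.0.0/24": "HQ", "10.4.0.0/24": "HQ"}
SUBNETS_PER_SITE = {"10.1.0.0/24": "HQ", "10.2.0.0/24": "Dealer2",
                    "10.3.0.0/24": "Dealer3"}   # B.com's subnet removed
DCS_ALL_IN_HQ = {"A-DC1": ("10.1.0.10", "HQ"), "A-DC2": ("10.2.0.10", "HQ"),
                 "A-DC3": ("10.3.0.10", "HQ")}
DCS_MOVED = {"A-DC1": ("10.1.0.10", "HQ"), "A-DC2": ("10.2.0.10", "Dealer2"),
             "A-DC3": ("10.3.0.10", "Dealer3")}

def match_subnet(ip, subnets):
    """Return (cidr, site) of the most specific subnet object containing ip."""
    addr = ipaddress.ip_address(ip)
    hits = [(ipaddress.ip_network(cidr), site) for cidr, site in subnets.items()
            if addr in ipaddress.ip_network(cidr)]
    if not hits:
        return None
    net, site = max(hits, key=lambda h: h[0].prefixlen)
    return str(net), site

def audit(subnets, dcs):
    """Return sorted findings for one forest's subnet and server placement."""
    findings = []
    nets_per_site = defaultdict(set)  # site -> subnets its DCs really sit on
    for name, (ip, placed_site) in dcs.items():
        hit = match_subnet(ip, subnets)
        if hit is None:
            findings.append(f"{name}: {ip} is in no defined subnet")
            continue
        cidr, mapped_site = hit
        nets_per_site[placed_site].add(cidr)
        if mapped_site != placed_site:
            findings.append(f"{name}: server object in {placed_site}, "
                            f"subnet maps to {mapped_site}")
    for site, nets in nets_per_site.items():
        if len(nets) > 1:
            findings.append(f"{site}: DCs on {len(nets)} subnets share one site")
    return sorted(findings)

if __name__ == "__main__":
    for label, s, d in [("original layout", SUBNETS_ONE_SITE, DCS_ALL_IN_HQ),
                        ("sites created, DCs not moved", SUBNETS_PER_SITE, DCS_ALL_IN_HQ),
                        ("DCs moved", SUBNETS_PER_SITE, DCS_MOVED)]:
        print(label, "->", audit(s, d) or "no findings")
```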
 
fabiouness (Author) Commented:
Well, I don't know if it was your suggestions alone, or that I also added a forward lookup zone for B.com on one of the remote A.com DCs that couldn't validate the trust, but I am able to validate now! Much appreciated! Doesn't DNS replicate all its info between DCs in the same domain, however? In other words, why would the PDC have B.com as a forward lookup zone, but the other DCs didn't? Did that have to do with the Site configuration as well?
 
aissim Commented:
Probably a combination of the two - with a little more weight on the DNS!

DNS will replicate between all the DCs in the domain as long as two requirements are met. First being that each DC is running DNS; second being that the zones are 'Active Directory Integrated' and not just a standard Primary or Secondary zone. You could use zones that are not AD integrated, but would have to manually configure the zone transfer settings between DNS servers as AD would not have the info to replicate.
 
fabiouness (Author) Commented:
The DCs are all running DNS, but the two remote ones had B.com as a secondary zone.  I changed them to primary and AD integrated.  Thanks again!