  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 598

Windows Server 2008 Active Directory setup over VPN

Hi all

I have 2 branches. On one side I have a Windows Server 2008 (IP 192.168.0.2) and router (IP 192.168.0.1), and on the other side I have a Windows Server 2008 (IP 10.0.0.250) and router (IP 10.0.0.251).

The server 192.168.0.2 needs to be the Domain Controller running Active Directory, and on the other server 10.0.0.250 I need to set up Exchange 2007.

I have 2x DrayTek routers on each side with a LAN-to-LAN PPTP VPN (using DynDNS).

How do I set up the Active Directory, and how do I then add the 10.0.0.250 server to that domain? Do I run DHCP on both servers? Do I run DNS on both servers?

Regards
Jeanne

Asked by: DIBENE_Expert

Chris Dent (PowerShell Developer) commented:

Hi Jeanne,

The two network ranges can already talk to each other? Over the VPN?

> The server 192.168.0.2 needs to be the Domain Controller running Active Directory, and on
> the other server 10.0.0.250 I need to set up Exchange 2007.

That wouldn't be good unless the VPN is very fast and reliable. Exchange makes very heavy use of AD; it needs a Domain Controller and Global Catalog in the same site.

> How do I set up the Active Directory

How much instruction do you need on that one?

> and how do I then add the 10.0.0.250 server to that domain?

Once AD is configured, ensure it refers to the DNS server on the main site and you should be able to join it to the domain.

> Do I run DHCP on both servers?

It depends but it would probably be advisable to have DHCP in each site (separately). That can be provided by the servers, or the routers, or anything else you have available.

> Do I run DNS on both servers?

Again it depends. If you had a DC at both sites I would say yes. I'd leave that one until the issue of server placement above is resolved.

Chris

aeraps commented:
Run DNS on both servers.
Run DHCP on both servers.

In Sites and Services, make each DC a global catalog server:

Sites and Services > Default-First-Site-Name > Servers > myserver > NTDS Settings (right-click on NTDS Settings and then check Global Catalog)

This way the server will replicate the directory over the VPN, and users on each side will be able to authenticate locally as well.

The domain will be one with only two DCs.

aeraps commented:
Also, if you have a DrayTek dual-WAN router, you can create another tunnel specifically for Exchange traffic or port 25 traffic.

Which DrayTek do you have?