?
Solved

Windows Server 2008 Active Directory setup over VPN

Posted on 2009-05-12
4
Medium Priority
?
600 Views
Last Modified: 2012-05-11
Hi all

I got 2 branches. On the one side I got a Windows Server 2008 (IP 192.168.0.2) router (IP 192.168.0.1) and on the other side I got a Windows Server 2008 (IP 10.0.0.250) and router (IP 10.0.0.251)

The server 192.168.0.2 need to be the Domain Controller running Active Directory and on the other server 10.0.0.250 I need to setup Exchange 2007.

I got 2x Draytek routers on each side with a LAN-to-LAN pptp VPN (using dyndns)

How do I setup the Active Directory and how do I then add the 10.0.0.250 server to that domain? Do I run DHCP on both servers? Do I run DNS on both servers?

Regards
Jeanne
0
Comment
Question by:DIBENE_Expert
  • 2
3 Comments
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 24419766

Hi Jeanne,

The two network ranges can already talk to each other? Over the VPN?

> The server 192.168.0.2 need to be the Domain Controller running Active Directory and on
> the other server 10.0.0.250 I need to setup Exchange 2007.

That wouldn't be good unless the VPN is very fast and reliable. Exchange makes very heavy use of AD, it needs a Domain Controller and Global Catalog in the same site.

> How do I setup the Active Directory

How much instruction do you need on that one?

> and how do I then add the 10.0.0.250 server to that domain?

Once AD is configured, ensure it refers to the DNS server on the main site and you should be able to join it to the domain.

> Do I run DHCP on both servers?

It depends but it would probably be advisable to have DHCP in each site (separately). That can be provided by the servers, or the routers, or anything else you have available.

> Do I run DNS on both servers?

Again it depends. If you had a DC at both sites I would say yes. I'd leave that one until the issue of server placement above is resolved.

Chris
0
 
LVL 4

Expert Comment

by:aeraps
ID: 25079717
Run DNS on both servers
Run DHCP on both server

Sites and Services make each dc as a global catlog server

sites and services > default first site name > servers > myserver > ntds settings (right click on ntds settings and then check global catalog server)

this way the server will replicate directory over the vpn and users on each side will be able to authenticate locally as well,

the domain will be one with only two dc's

0
 
LVL 4

Expert Comment

by:aeraps
ID: 25079732
Also, if you have a draytek Dual wan router, you can create another tunnel specifically for exchange traffic or port 25 traffic

which draytek you have ?
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question