Windows Server 2008 Active Directory setup over VPN

Hi all

I have 2 branches. On the one side I have a Windows Server 2008 (IP 192.168.0.2) and router (IP 192.168.0.1), and on the other side I have a Windows Server 2008 (IP 10.0.0.250) and router (IP 10.0.0.251).

The server 192.168.0.2 needs to be the Domain Controller running Active Directory, and on the other server 10.0.0.250 I need to set up Exchange 2007.

I have 2x Draytek routers on each side with a LAN-to-LAN PPTP VPN (using dyndns).

How do I set up the Active Directory and how do I then add the 10.0.0.250 server to that domain? Do I run DHCP on both servers? Do I run DNS on both servers?

Regards
Jeanne
DIBENE_ExpertAsked:
Chris Dent (PowerShell Developer) commented:

Hi Jeanne,

The two network ranges can already talk to each other? Over the VPN?

> The server 192.168.0.2 needs to be the Domain Controller running Active Directory, and on
> the other server 10.0.0.250 I need to set up Exchange 2007.

That wouldn't be good unless the VPN is very fast and reliable. Exchange makes very heavy use of AD; it needs a Domain Controller and Global Catalog in the same site.

> How do I set up the Active Directory

How much instruction do you need on that one?

> and how do I then add the 10.0.0.250 server to that domain?

Once AD is configured, ensure it refers to the DNS server on the main site and you should be able to join it to the domain.

> Do I run DHCP on both servers?

It depends but it would probably be advisable to have DHCP in each site (separately). That can be provided by the servers, or the routers, or anything else you have available.

> Do I run DNS on both servers?

Again it depends. If you had a DC at both sites I would say yes. I'd leave that one until the issue of server placement above is resolved.

Chris
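A pre-join check for the step described in the answer above (point the 10.0.0.250 server at the main-site DNS, then join it to the domain), as an added example that is not part of the original thread. The domain name `corp.example` is a placeholder; 192.168.0.2 is the DC address from the question. It uses only WMI, `nslookup` and .NET sockets, so it works with PowerShell 2.0.

```powershell
# Added example; not from the original thread.
# Assumptions: the AD DNS domain name is a placeholder; the DC address is the
# one given in the question. Run on the server that is about to be joined.
$DomainName = 'corp.example'   # placeholder: replace with the real AD DNS name
$DcAddress  = '192.168.0.2'    # domain controller / DNS server from the question

# 1. Every IP-enabled adapter should list the DC as a DNS server. A router or
#    ISP resolver here cannot answer the AD locator (SRV) queries.
$adapters = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE'
foreach ($a in $adapters) {
    $dns   = @($a.DNSServerSearchOrder)
    $state = if ($dns -contains $DcAddress) { 'OK' } else { 'FIX' }
    '{0,-6} adapter "{1}" DNS servers: {2}' -f $state, $a.Description, ($dns -join ', ')
}

# 2. The DC locator record must resolve through the DC's DNS service.
$srv = "_ldap._tcp.dc._msdcs.$DomainName"
$out = nslookup -type=SRV $srv $DcAddress 2>&1 | Out-String
if ($out -match 'svr hostname\s*=\s*(\S+)') {
    "OK     $srv -> $($Matches[1])"
} else {
    "FIX    $srv did not resolve via $DcAddress"
}

# 3. TCP services a member server needs on the DC, tested across the tunnel.
$ports = @{ 53 = 'DNS'; 88 = 'Kerberos'; 135 = 'RPC endpoint mapper'; 389 = 'LDAP'; 445 = 'SMB'; 3268 = 'Global Catalog' }
foreach ($p in ($ports.Keys | Sort-Object)) {
    $client = New-Object System.Net.Sockets.TcpClient
    $wait   = $client.BeginConnect($DcAddress, $p, $null, $null)
    $open   = $wait.AsyncWaitHandle.WaitOne(3000, $false) -and $client.Connected
    $client.Close()
    $state  = if ($open) { 'OK' } else { 'FIX' }
    '{0,-6} tcp/{1} ({2})' -f $state, $p, $ports[$p]
}
```

Any `FIX` line points at a DNS client setting or at a port not reachable through the VPN, which is worth resolving before attempting the join.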
aeraps commented:
Run DNS on both servers
Run DHCP on both servers

In Sites and Services, make each DC a global catalog server:

Sites and Services > Default First Site Name > Servers > myserver > NTDS Settings (right-click on NTDS Settings and then check Global Catalog server)

This way the server will replicate the directory over the VPN, and users on each side will be able to authenticate locally as well.

The domain will be one with only two DCs.

aeraps commented:
Also, if you have a Draytek dual-WAN router, you can create another tunnel specifically for Exchange traffic or port 25 traffic.

Which Draytek do you have?
Question has a verified solution.
