Solved

Windows Server 2008 Active Directory setup over VPN

Posted on 2009-05-12
4
591 Views
Last Modified: 2012-05-11
Hi all

I got 2 branches. On the one side I got a Windows Server 2008 (IP 192.168.0.2) router (IP 192.168.0.1) and on the other side I got a Windows Server 2008 (IP 10.0.0.250) and router (IP 10.0.0.251)

The server 192.168.0.2 need to be the Domain Controller running Active Directory and on the other server 10.0.0.250 I need to setup Exchange 2007.

I got 2x Draytek routers on each side with a LAN-to-LAN pptp VPN (using dyndns)

How do I setup the Active Directory and how do I then add the 10.0.0.250 server to that domain? Do I run DHCP on both servers? Do I run DNS on both servers?

Regards
Jeanne
0
Comment
Question by:DIBENE_Expert
  • 2
4 Comments
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 24419766

Hi Jeanne,

The two network ranges can already talk to each other? Over the VPN?

> The server 192.168.0.2 need to be the Domain Controller running Active Directory and on
> the other server 10.0.0.250 I need to setup Exchange 2007.

That wouldn't be good unless the VPN is very fast and reliable. Exchange makes very heavy use of AD, it needs a Domain Controller and Global Catalog in the same site.

> How do I setup the Active Directory

How much instruction do you need on that one?

> and how do I then add the 10.0.0.250 server to that domain?

Once AD is configured, ensure it refers to the DNS server on the main site and you should be able to join it to the domain.

> Do I run DHCP on both servers?

It depends but it would probably be advisable to have DHCP in each site (separately). That can be provided by the servers, or the routers, or anything else you have available.

> Do I run DNS on both servers?

Again it depends. If you had a DC at both sites I would say yes. I'd leave that one until the issue of server placement above is resolved.

Chris
0
 
LVL 4

Expert Comment

by:aeraps
ID: 25079717
Run DNS on both servers
Run DHCP on both server

Sites and Services make each dc as a global catlog server

sites and services > default first site name > servers > myserver > ntds settings (right click on ntds settings and then check global catalog server)

this way the server will replicate directory over the vpn and users on each side will be able to authenticate locally as well,

the domain will be one with only two dc's

0
 
LVL 4

Expert Comment

by:aeraps
ID: 25079732
Also, if you have a draytek Dual wan router, you can create another tunnel specifically for exchange traffic or port 25 traffic

which draytek you have ?
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was asked if I could set up a fax machine so that incoming faxes were delivered to people's Exchange inboxes and so that they could send faxes from their desktops without needing to print the document first.  I knew it was possible but I had no id…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question