Server 2008 New DC

okay will try to explain as best as can.....

currently have 5 sites connected through MPLS.....all different locations..we will call these sites A-E

At site A we have 2 DC`s win 2003 Server...only DC`s on domain....

Currently at site B we need to add an application Server for the apps on this server will not cross the T1 line....they have to be ran locally...

Going to add 2008 DC to site also going to add 2008 DC to site A

so that would be 4 DC...3 at site A and 1 at site B....

at site A i am planning on making the New Server 2008 the PDC and taking one of the 2003 DC machines out......

question....i assume my first step is to switch which is the PDC....when I check the box to make the New Server 2008 the PDC will the current PDC be demoted automatically to BDC...allthough i already have a BDC....I want the BDC to remain the BDC....from my reading this is what i thought....

also for the above question...i am i going about this the right there a better alternative? is there anything i should watch out for or worry about?

come the end i want the PDC and BDC at site A...the PDC will be running Server 2008 and the BDC will be running Server 2003....

At site B I will have Server 2008 DC....which would be ?????WHAT??????Just a DC?????\\

as from above you can see i am a little confused as to which way to go about this.. if anyone could also explain why one way is better than the other also.......any help is appreciated....or if there are better alternatives...please advise........

Who is Participating?
bluntTonyConnect With a Mentor Commented:
Yes that's correct.

However if you want to make the clients without a local DC (C, D and E) prefer a particular site for authentication (i.e. Site A's DCs or Site B's DCs), then create and associate their subnet objects with either site A or B. This is just a quick and easy way to get them to prefer a particular site's DC.

In active-directory all domain controllers are at same level (multimaster).

PDC and BDC is only referred to NT Domains.

One DC in the forest host a 2 single roles (Schema Master Role and Domain Name Master Role)
and one DC in the domain host other 3 single roles (RID MAster Role,PDC Emulator Master Role,infrastructure master role).

A domain controller also has "Global Catalog" property.

You have to acquire skills about this arguments prior to planning an active directory deployment.

westhelpdeskAuthor Commented:
well you lost the solution was????
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

By 'PDC' I assume you mean the PDC Emulator, one of the 5 FSMOs right?

When considering the placement of the PDC, I would just make sure it is on a well-connected DC, and I would also personally place it in the largest site, the one with the most clients. As it also acts as a DC for pre-2000 machines, you should consider where these are if you have any older clients.

As marco says, there is no PDC/BDC setup in Active Directory. All DCs are equal.

First promote the new server into Site A. To remove the older DC from site A, simply demote it using dcpromo. First make sure it's not being used as a primary DNS server by clients, and also make sure it's not the only GC in Site A. Also transfer any FSMO roles it holds to another DC, probably the new one.

To find out where the FSMOs are held, run 'netdom query fsmo'
To transfer FSMO roles :

The main thing is to ensure that site A still has at least one GC, and all it's clients are still using a valid local DNS server.

And the server in site B, since it's the only DC in that site, make it a DC, GC and DNS server (in fact I would say make ALL of your DCs GCs)

Then configure your clients in that site to use it as primary DNS. This localises all AD requests and DNS and saves them having to go across the MPLS.

No real need to worry about FSMO placement apart from the PDC as I said in the first post.
westhelpdeskAuthor Commented:
we have all xp pro sp3 clients....the machine at site A is the Primary DNS Server...also our current application server, our only GC Server and holds all roles itself.... we do have another 2003 DC as an DNS if machine A goes down..client authenticate to machine B.........

so you are saying first...the other DC in site A make it a GC....then install the new Server 2008 making it DC, GC, and DNS Server....tranfer all the roles to the new server and then demote the current Primary DNS, GC,.......

in site B just go ahead and make this our DC, GC and DNS and point client to this machine at site B to provide less traffic over MPLS Circuit...

At Site A do the Same for DNS....point clients at the new Server 2008....and Secondary DNS......

Can all DC`s be a GC Server....i was under the impression that you can have only have one GC on the domain???????

sorry about all these newbi questions....just trying to learn the best approach without making a mess of things....also if anyone would have some good articles on this it would be great...thanks for all your help....
That's pretty much it, yes.

No, you can have as many GCs as you wish. Before when site links may have been very low bandwidth, you might have had to be more selective about GC placement to avoid excessive replication traffic over the WAN, but nowadays in most cases you're good to make them all GCs. If it's only a single domain then there is literally nothing to worry about as it generates no additional replication traffic.

One other thing we haven't touched upon - since you are now adding a DC to site B, you will need to ensure it is defined as a site in AD Sites and Services (ADSS). Once you've created the new site in ADSS, move the server object for the server in site B to the site container in ADSS. The servers are probably all currently sitting in a site called 'Default-First-Site-Name'. You can rename this to 'Site A', and create a new sit called 'Site B'. Then you need to create subnet objects to represent the different subnet addresses you have in both of these sites and associate them with the correct site.

This process is what allows clients to use their local DC. Otherwise they could be using any DC and this defeats the point of adding a local DC. For those physical sites that do not have a DC, make sure you associate their subnet objects with the site whose DC you want to serve their clients' requests.

The two sites will now been replicating between each other governed by the rules on the DEFAULTIPSITELINK object (Inter-Site Transports > IP). The replication interval is how often, in minutes, the sites will replicate. Change this to suit your needs. You can also rename this site link object if you wish, something like Site A to Site B would make sense!

Don't worry about asking the questions, that's what we're here for!
westhelpdeskAuthor Commented:
from my understanding under sites and services...i would only add the site and subnet for the locations that are going to have a DC.....there is no sense in me adding a site that is on a different subnet that doesnt have a my thinking correct?
westhelpdeskAuthor Commented:
thanks alot!!! you have shed alot of light on this subject!!!!
All Courses

From novice to tech pro — start learning today.