Solved

Adding RODC to Existing Server 2008 R2 Domain

Posted on 2011-02-16
Last Modified: 2012-05-11
I need to add a second RODC at a colocation and I'm wondering what the proper steps are as I've never had to add a second domain controller to a network before.

All the remote users are pointing to the PDC at 192.168.0.0.  I'm going to add the RODC with DNS and DHCP leasing a subnet of 192.168.1.0 to the colo network.  I've already joined the colo's workstations to the PDC; what do I need to do to have them point to the RODC? Do I do nothing? Do I just set up DHCP to point to the RODC for DNS?

Thanks.
0
Question by:DSM_22
7 Comments
 
LVL 4

Expert Comment

by:DangerousJeff
ID: 34911018
Make sure the new server has a static IP and its DNS server setting is set on the network interface.
Just run through the steps for creating a domain controller normally, but instead of creating a new domain in a new forest, join an existing domain. Later on, make sure you check the RODC check box and leave the DNS and GC server boxes checked. Once that is done and the server has rebooted, add a forward lookup zone (Active Directory integrated) to DNS and make sure everyone is set to use it as a secondary DNS (DHCP etc.).

I think that's it; you might need to do an adprep /rodcprep at some stage.

Check here:
http://technet.microsoft.com/en-us/library/cc772234%28WS.10%29.aspx
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 1800 total points
ID: 34911638
Are you treating your colo as a DR facility? If you are, or if it is only your second DC, I suggest you make it a full DC. Otherwise I am pretty sure that you will be in a world of hurt if you lose your one and only writeable DC. My guess is that if you lose all of your writable domain controllers and are unable to recover them that you will need to create a new domain/forest in order to move forward.

Since this is the first time you have had multiple domain controllers in multiple sites, you need to configure AD sites and services. Otherwise you will have some clients going over the WAN to connect to a DC instead of the local one. AD doesn't handle it for you automatically.
0
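The site lookup the accepted answer refers to, modelled as an added example (not code from the thread): a client is assigned to the site of the most specific subnet object that contains its IP address, and a client with no matching subnet has no site, so it may pick a DC across the WAN. The /24 masks, the site names `HQ` and `Colo`, and the host and DC names are assumptions made for illustration.

```python
import ipaddress

def site_for(client_ip, subnet_to_site):
    """Return the site of the most specific subnet containing client_ip, or None."""
    ip = ipaddress.ip_address(client_ip)
    best = None
    for cidr, site in subnet_to_site.items():
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, site)
    return best[1] if best else None

def plan_check(clients, subnet_to_site, dc_to_site):
    """Classify each client: its site name, 'unmapped', or 'site-has-no-dc'."""
    sites_with_dc = set(dc_to_site.values())
    result = {}
    for host, ip in clients.items():
        site = site_for(ip, subnet_to_site)
        if site is None:
            result[host] = "unmapped"        # no subnet object covers this address
        elif site not in sites_with_dc:
            result[host] = "site-has-no-dc"  # DC server object is not in this site
        else:
            result[host] = site
    return result

# Constructed sample data (hypothetical host names; /24 masks are assumed).
CLIENTS = {"hq-ws1": "192.168.0.25", "colo-ws1": "192.168.1.25"}

# A fresh domain has a single default site and no subnet objects at all.
NO_SUBNETS = {}

# Planned layout: one subnet object per location, each linked to its site.
PLANNED = {"192.168.0.0/24": "HQ", "192.168.1.0/24": "Colo"}

# The new DC's server object must also sit in the colo site.
DCS_NOT_MOVED = {"DC1": "HQ", "DC2": "HQ"}
DCS_MOVED = {"DC1": "HQ", "DC2": "Colo"}

if __name__ == "__main__":
    for label, subnets, dcs in [("no subnets", NO_SUBNETS, DCS_NOT_MOVED),
                                ("subnets only", PLANNED, DCS_NOT_MOVED),
                                ("subnets + DC moved", PLANNED, DCS_MOVED)]:
        print(label, plan_check(CLIENTS, subnets, dcs))
```

On a domain-joined workstation, `nltest /dsgetsite` prints the site the client actually resolved, which can be compared against this plan.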
 

Author Comment

by:DSM_22
ID: 34911750
This isn't a DR facility, but I like your points on redundancy so I will opt for a full domain controller role.

Do you have any tips or helpful links for setting up sites and services?
0

 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 1800 total points
ID: 34911918
From Technet:
http://technet.microsoft.com/en-us/library/cc730868.aspx

This link is for Windows 2000, but I don't think that things have changed and there's a lot less to read
http://www.activewin.com/win2000/step_by_step/active_directory/adsites.shtml
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 200 total points
ID: 34912335
To add an additional Domain Controller, follow this link.

http://technet.microsoft.com/en-us/library/cc733027(WS.10).aspx
0
 

Author Comment

by:DSM_22
ID: 34921010
Thanks for the replies, guys.  Most points are awarded to kevinhsieh for experienced input.  The link to the M$ documentation on a second DC is the first thing I checked but I wanted some feedback from fellow experts :).
0
 

Author Closing Comment

by:DSM_22
ID: 34921024
Thanks
0

Question has a verified solution.