Solved

How do you join two domain controllers on different subnets?

Posted on 2011-02-19
Last Modified: 2012-05-11
I have a 2008 Server that is going to hold Active Directory and Exchange that will be in a Colo. I am then going to have two other locations with a 2008 Server at each. The second and third locations will connect to the Colo via a VPN. The second and third locations will connect to each other via a 3mb MPLS line. I want to set up DFS on all three to keep a copy of the data, which is mostly AutoCad files and some Office documents, on all three servers. This way, if the connection between them is broken, they will still be able to log in and access documents. I am not sure how to add the 2nd and 3rd locations to the Server in the Colo, though. I am not 100% sure that what I am proposing will work either.
Question by:aando
LVL 17

Assisted Solution

by:OriNetworks
OriNetworks earned 150 total points
ID: 34934085
Joining two domain controllers over different subnets is basically the same as joining two domain controllers on the same network, as long as a VPN connects the two networks. The only difference being that you may want to set it up as a different site in Active Directory Sites and Services.

Author Comment

by:aando
ID: 34934110
What do you mean a different site in AD Sites and Services? Also, will the DFS work and will all three sites replicate fine on different subnets?
LVL 42

Accepted Solution

by:kevinhsieh
kevinhsieh earned 350 total points
ID: 34934148
What you are proposing should work fine. You need to have the VPN running before you add the remote servers to the domain. As long as the servers can ping the domain controller(s) at the colo and are set to use them for DNS you will be able to add them to the domain and then run DCpromo to make them domain controllers. You can then make the office servers DNS and DHCP servers. You will need to properly configure AD Sites and Services or your clients will connect to remote servers when they should be connecting locally.
For the DFS, the DFS name servers should be hosted by the domain controllers and you should build the namespace like \\domain.local\dfs\folder1. You don't want to use server names in the path because it makes it harder to change servers in the future. You also need to think about how to organize the folders in DFS because you need some way to prevent users from two different sites editing the same document at the same time. DFS doesn't prevent that and the version of the file that gets saved last is kept. My solution to this problem is to organize files by location and make only 1 copy of the files available at a time. That may or may not work for you depending on how much people from different locations collaborate on the same files.

I enable shadow copies on all of my servers, but I let DFS replicate everything back to a central server for backups. I also enabled QoS on the network and forced DFS-R traffic to use a specific TCP port so that I could apply QoS to it. Otherwise DFS-R traffic can swamp your WAN connection.

If you are using Windows 2008 R2 with Windows 7 Ultimate or Enterprise you can use BranchCache to improve performance when accessing files over the WAN.
0
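The site lookup that the accepted answer depends on, as an added example that is not part of the original thread: a domain controller places a client in the site of the most specific subnet object containing its address, and a client that matches no subnet has no site. The site names, subnets and hosts below are constructed for illustration.

```python
import ipaddress

# Constructed plan: site names and subnets are assumptions, not values from the thread.
SITE_SUBNETS = {
    "10.0.0.0/16": "Colo",      # catch-all supernet assigned to the hub site
    "10.0.2.0/24": "Office2",
    "10.0.3.0/24": "Office3",
}

# Constructed inventory: hostname -> (client IP, site it physically sits in).
CLIENTS = {
    "cad-ws01": ("10.0.2.40", "Office2"),
    "cad-ws02": ("10.0.3.17", "Office3"),
    "cad-ws03": ("10.0.4.9", "Office3"),        # new office VLAN, no subnet object yet
    "vpn-laptop": ("192.168.50.12", "Office2"),  # range missing from the plan entirely
}


def site_for(ip, subnets=SITE_SUBNETS):
    """Return the site of the most specific subnet containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, site in subnets.items():
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, site)
    return best[1] if best else None


def audit(clients, subnets=SITE_SUBNETS):
    """List clients that would be sent to the wrong site or to no site."""
    findings = []
    for host, (ip, expected) in sorted(clients.items()):
        actual = site_for(ip, subnets)
        if actual is None:
            findings.append((host, ip, "no subnet object: any DC may answer"))
        elif actual != expected:
            findings.append((host, ip, f"maps to {actual}, expected {expected}"))
    return findings


if __name__ == "__main__":
    for host, ip, problem in audit(CLIENTS):
        print(f"{host:12} {ip:15} {problem}")
```

The `cad-ws03` case is the one to watch in a hub-and-spoke layout: a supernet on the hub site silently catches any office range that was never given its own subnet object, so those clients authenticate across the VPN.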
 

Author Comment

by:aando
ID: 34934304
Kevinhsieh...

1. Are you saying the office servers should only have the colo server as their DNS and then the 2nd and 3rd sites' computers use those servers for their DNS?

2. Do you know where I can find information on how to properly set up Sites and Services?

3. Then is the DFS replicating the "ShadowCopy" data back to a central server for backups or just the normal data?
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 350 total points
ID: 34935954
AD Sites and Services
http://technet.microsoft.com/en-us/library/cc730868.aspx

DFS Replication will replicate just the normal files, but shadow copies allow you to have local backups of the files as long as you don't lose the whole server.

The office server needs to use the colo server for DNS just so it can contact the domain controller so it can join the domain. After that, it can point to itself for DNS and the local clients can point to the local server for primary DNS.