
How do you join two domain controllers on different subnets?

Posted on 2011-02-19
Last Modified: 2012-05-11
I have a 2008 Server that is going to hold Active Directory and Exchange that will be in a Colo. I am then going to have two other locations with a 2008 Server at each. The second and third locations will connect to the Colo via a VPN. The second and third locations will connect to each other via a 3mb MPLS line. I want to set up DFS on all three to keep a copy of the data, which is mostly AutoCAD files and some Office documents, on all three servers. This way if the connection between them is broken they will still be able to log in and access documents. I am not sure how to add the 2nd and 3rd locations to the Server in the Colo though. I am not 100% sure that what I am proposing will work either.
0
Question by:aando
5 Comments
 

Assisted Solution

by:OriNetworks
OriNetworks earned 600 total points
ID: 34934085
Joining two domain controllers over different subnets is basically the same as joining two domain controllers on the same network as long as a VPN connects the two networks. The only difference being that you may want to set it up as a different site in Active Directory Sites and Services.
0
 

Author Comment

by:aando
ID: 34934110
What do you mean a different site in AD sites and services? Also will the DFS work and will all three sites replicate fine on different subnets?
0
 

Accepted Solution

by:kevinhsieh
kevinhsieh earned 1400 total points
ID: 34934148
What you are proposing should work fine. You need to have the VPN running before you add the remote servers to the domain. As long as the servers can ping the domain controller(s) at the colo and are set to use them for DNS you will be able to add them to the domain and then run DCpromo to make them domain controllers. You can then make the office servers DNS and DHCP servers. You will need to properly configure AD Sites and Services or your clients will connect to remote servers when they should be connecting locally.
For the DFS, the DFS name servers should be hosted by the domain controllers and you should build the namespace like \\domain.local\dfs\folder1. You don't want to use server names in the path because it makes it harder to change servers in the future. You also need to think about how to organize the folders in DFS because you need some way to prevent users from two different sites editing the same document at the same time. DFS doesn't prevent that and the version of the file that gets saved last is kept. My solution to this problem is to organize files by location and make only 1 copy of the files available at a time. That may or may not work for you depending on how much people from different locations collaborate on the same files.

I enable shadow copies on all of my servers, but I let DFS replicate everything back to a central server for backups. I also enabled QoS on the network and forced DFS-R traffic to use a specific TCP port so that I could apply QoS to it. Otherwise DFS-R traffic can swamp your WAN connection.

If you are using Windows 2008 R2 with Windows 7 Ultimate or Enterprise you can use BranchCache to improve performance when accessing files over the WAN.
0
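An added example, not part of the original thread or of kevinhsieh's answer: a small model of how a client's IP address is matched to an Active Directory site (the most specific matching subnet wins), useful for checking a subnet plan before entering it in AD Sites and Services. The site names, DC names, subnets and client addresses are constructed assumptions.

```python
import ipaddress

# Constructed site plan (assumption): names and ranges are illustrative,
# not taken from the thread.
SITE_SUBNETS = {
    "10.10.0.0/16": "Colo",     # catch-all supernet for the routed private range
    "10.10.2.0/24": "Office2",
    "10.10.3.0/24": "Office3",
}

# One domain controller per site, as in the thread's three-server design.
SITE_DCS = {"Colo": "COLO-DC1", "Office2": "OFF2-DC1", "Office3": "OFF3-DC1"}


def resolve_site(client_ip, site_subnets=SITE_SUBNETS):
    """Return the site of the most specific subnet containing client_ip, or None."""
    ip = ipaddress.ip_address(client_ip)
    best = None
    for cidr, site in site_subnets.items():
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, site)
    return best[1] if best else None


def audit_clients(clients, site_subnets=SITE_SUBNETS, site_dcs=SITE_DCS):
    """Map each client to (site, local DC); unmapped clients get (None, None)."""
    report = {}
    for name, ip in clients.items():
        site = resolve_site(ip, site_subnets)
        report[name] = (site, site_dcs.get(site))
    return report


def unmapped(report):
    """Clients with no site: they may be handed any DC, including a remote one."""
    return sorted(name for name, (site, _) in report.items() if site is None)


if __name__ == "__main__":
    # Constructed client inventory.
    clients = {"cad-ws1": "10.10.2.15", "cad-ws2": "10.10.3.40",
               "new-vlan-pc": "10.10.4.7", "guest-pc": "192.168.50.20"}
    report = audit_clients(clients)
    for name, (site, dc) in report.items():
        print(f"{name:12} site={site} dc={dc}")
    print("no site mapping:", unmapped(report))
```

In this constructed plan, `new-vlan-pc` falls through to the `/16` catch-all and is sent to the Colo DC across the VPN, while `guest-pc` matches no subnet at all; both are the kind of gap that shows up as clients authenticating against a remote server.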
 

Author Comment

by:aando
ID: 34934304
Kevinhsieh...

1. Are you saying the office servers should only have the colo server as their DNS and then the 2nd and 3rd sites' computers use those servers for their DNS?

2. Do you know where I can find information on how to properly set up sites and services?

3. Then is the DFS replicating the "ShadowCopy" data back to a central server for backups or just the normal data?
0
 

Assisted Solution

by:kevinhsieh
kevinhsieh earned 1400 total points
ID: 34935954
AD Sites and Services
http://technet.microsoft.com/en-us/library/cc730868.aspx

DFS Replication will replicate just the normal files, but shadow copies allow you to have local backups of the files as long as you don't lose the whole server.

The office server needs to use the colo server for DNS just so it can contact the domain controller so it can join the domain. After that, it can point to itself for DNS and the local clients can point to the local server for primary DNS.
0
