Solved

AD Multiple locations SBS 2008

Posted on 2011-03-10
Last Modified: 2012-05-11
Hello all.

I have a main site using Windows 2008 SBS server. Using Exchange to manage email for the whole company and the SBS box is also AD, DHCP and file server. The domain is set up as "company.local" and there is a mix of XP and Windows 7 machines. All works ok.

The company has 2 other locations.  They want to start centralizing control from the main office.  The first location already has a Windows 2003 SBS server running Exchange, DHCP and AD for that local domain called "remote.local".  

Question: can I use that location 2 SBS 2003 server and hook its AD into the main office AD so the main office controls everything with central user management? As an example, if a user from the main office goes to the remote location and logs into a computer there he will get his login scripts and mapped drives, etc.

The two remote locations will have a VPN active back to the main office through Cisco routers. Do I need to let certain traffic through the VPNs for AD?

Question by:bobbydall2000
12 Comments
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 168 total points
ID: 35096094
Unfortunately the SBS 2003 cannot be part of another AD domain. You will essentially need to recreate all user accounts/mailboxes at the Main Office on SBS 2008.

At the remote location with SBS 2003, you'll need to export all email to .pst files and copy all data to a USB drive, and then decommission that server.

The best option then is to bring up a Standard Server 2008/2008R2 at each of the remote locations as domain controllers/dns servers/global catalog servers/file servers with a Hardware VPN created directly by the routers at location

This will allow for faster logons at remote locations as well as local file access.
0
 
LVL 13

Assisted Solution

by:connectex
connectex earned 166 total points
ID: 35096356
If you don't want to set up servers at each location you might look into using Branch Cache with Windows 7 systems or setting up Remote Desktop Services (terminal services) at the main office. This way everything is centralized and easily accessible from any location.
0
 
LVL 2

Author Comment

by:bobbydall2000
ID: 35096588
I had that feeling about SBS 2003.  SBS likes to be the only server in the environment.  It's just a shame to have to get rid of that SBS 2003 server.

The Cisco routers have created a hardware VPN between locations.  Do I need to allow specific traffic through the VPN for AD?
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 35096618
No...you shouldn't have to...VPN should allow all traffic to pass
0
 
LVL 2

Author Comment

by:bobbydall2000
ID: 35096632
Would something like this work if I disabled Exchange:

http://support.microsoft.com/kb/884453
0
 
LVL 2

Author Comment

by:bobbydall2000
ID: 35096674
Never mind that link, SBS 2003 would need to be the root controller.
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 35096747
You are correct, there can be only one SBS server in the domain.
You could buy a new Server 2008 license and install it on the old server after data and email are migrated.
0
 
LVL 95

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 166 total points
ID: 35097914
Just to clarify, as it seems you think this is an SBS 2003 problem - it's both. SBS has always insisted on being the FSMO master of an Active Directory domain. As such, there can be only one SBS in a domain - of any version. And no SBS systems have supported trusts which would allow both domains to continue working AND be joined.
0
 
LVL 13

Expert Comment

by:connectex
ID: 35098726
And I'm just going to point out you could run both sites on SBS. One site using SBS 2008 and the other site using SBS 2003. It's not the ideal solution as you have to manage them as separate domains, mail servers, and such. You'd probably want to use subdomains for each site's e-mail (i.e. user@site1.company.com and user@site2.company.com). It would make handling roaming users difficult and again it's not the best possible solution. Guess I'm mainly stating this as times are difficult and this option may be possible if the funding is unavailable for the "better" options.
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 35099241
Doesn't exactly accomplish the goal posted by the author in the original post... "They want to start centralizing control from the main office"
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 35489741
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
