Solved

AD Multiple locations SBS 2008

Posted on 2011-03-10
Last Modified: 2012-05-11
Hello all.

I have a main site using Windows 2008 SBS server.  Using Exchange to manage email for the whole company and the SBS box is also AD, DHCP and file server.  The domain is set up as "company.local" and there is a mix of XP and Windows 7 machines.  All works ok.

The company has 2 other locations.  They want to start centralizing control from the main office.  The first location already has a Windows 2003 SBS server running Exchange, DHCP and AD for that local domain called "remote.local".  

Question: can I use that location 2 SBS 2003 server and hook its AD into the main office AD so the main office controls everything with central user management?  As an example, if a user from the main office goes to the remote location and logs into a computer there he will get his login scripts and mapped drives, etc.

The two remote locations will have a VPN active back to the main office through Cisco routers.  Do I need to let certain traffic through the VPNs for AD?

Question by:bobbydall2000
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 168 total points
ID: 35096094
Unfortunately the SBS 2003 cannot be part of another AD domain.   You will essentially need to recreate all user accounts/mailboxes at the Main Office on SBS 2008.

At the remote location with SBS 2003, you'll need to export all email to .pst files and copy all data to a USB drive, and then decommission that server.

The best option then is to bring up a Standard Server 2008/2008R2 at each of the remote locations as domain controllers/dns servers/global catalog servers/file servers with a Hardware VPN created directly by the routers at location

This will allow for faster logons at remote locations as well as local file access.
 
LVL 13

Assisted Solution

by:connectex
connectex earned 166 total points
ID: 35096356
If you don't want to setup servers at each location you might look into using Branch Cache with Windows 7 system or setting up a Remote Desktop Services (terminal services) at the main office. This way everything is centralized and easily accessible from any location.
 
LVL 2

Author Comment

by:bobbydall2000
ID: 35096588
I had that feeling about SBS 2003.  SBS likes to be the only server in the environment.  It's just a shame to have to get rid of that SBS 2003 server.

The Cisco routers have created a hardware VPN between locations.  Do I need to allow specific traffic through the VPN for AD?
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 35096618
No...you shouldn't have to...VPN should allow all traffic to pass
 
LVL 2

Author Comment

by:bobbydall2000
ID: 35096632
Would something like this work if I disabled Exchange:

http://support.microsoft.com/kb/884453
LVL 2

Author Comment

by:bobbydall2000
ID: 35096674
Never mind that link, SBS 2003 would need to be the root controller.
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 35096747
You are correct, there can be only one SBS server in the domain.
You could buy a new server 2008 license and install on the old server after data and email is migrated.
 
LVL 95

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 166 total points
ID: 35097914
Just to clarify as it seems you think this is a SBS 2003 problem - it's both.  SBS has always insisted on being the FSMO master of an Active Directory domain.  As such, there can be only one SBS in a domain - of any version.  And no SBS systems have supported trusts which would allow both domains to continue working AND be joined.
 
LVL 13

Expert Comment

by:connectex
ID: 35098726
And I'm just going to point out you could run both sites on SBS. One site using SBS 2008 and the other site using SBS 2003. It's not the ideal solution as you have to manage them as separate domains, mail servers, and such. You'd probably want to use subdomains for each site's e-mail (i.e. user@site1.company.com and user@site2.company.com). It would make handling roaming users difficult and again it's not the best possible solution. Guess I'm mainly stating this as times are difficult and this option may be possible if the funding is unavailable for the "better" options.
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 35099241
Doesn't exactly accomplish the goal posted by the author in the original post..."They want to start centralizing control from the main office"
 
LVL 68

Expert Comment

by:Qlemo
ID: 35489741
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.