Was wondering if there would be any issues with setting up Active Directory sites & services on an already established network?
Posted on 2011-04-20
I know this is probably a stupid question, but I want to make sure before I attempt to change anything. We had our network running for few years now. In Active directory sites and services. Nothing was ever really setup specifically for subnets or separate sites. All our domain controllers are in the default first site. And that was okay because network wasn't all that complex. But now with much more traffice going across the wan links ect. I would like to setup different sites and subnets to go along to go along with those particular sites and move the domain controller from that location to the new site. Because right now we have many users that are traveling accross the wan link to authenticate when it would be much better to authenticate to the local domain controller.
So I am wanting to change the name of the default first site create another site associate each site with the subnets that I would like to have authenticate with it in order to reduce unnecessary traffic. I found some instructions on how to make the changes ect. But was wondering If there would be any issues to change this information because Its not a brand new network. Can I make a change like this during work hours without disrupting the network and current users. Would there be any specific order that I should do this in.
Here is our senario. I have three domain controllers two at the Site 1 (data center) and one across the wan at our other Site 2( majority of users) and then we have 12 branches which connect to the data center location. These 12 branches do not have domain controllers. All 12 branches are on a separate subnet. Site 1 and Site 2 both have there own subnet as well.
So I am looking to renaming Default-first-Site to Site 1 and then create a new site - Site 2.
Leave the domain controllers that are actually physically located in Site 1 where they are and Move the Domain Controller for Site 2 into Site 2
Create subnet for the Site 1 and add to Site 1.
Create subnets of all the 12 branches and add to Site 1
Create subnet for Site 2 and add to Site 2.
This way all the machines in 12 branches and machines in site 1 will authenticate to the either of the two domain controllers in Site 1.
All the machines in site 2 will authenticate to the one domain controller in site 2.
Also I notice I don't have the global catelog enabled on the Domain Controller I want to put into site 2. I am assuming this would also be good suggestion in enabling it, is that correct?
Even though the subnets are setup for a specific sites, am I correct in thinking that if the domain controller in Site 2 goes down the users at Site 2 will then authenticate to Site 1.
I hope this makes sense. Sorry for the long drawn out explanation. I am putting 500 points on this question not for the difficulty of the question but because of the possible lengthy answer.