Start Free Trial
Come for the solution, stay for everything else.
Start Free Trial
How to add a domain dontroller across a subnet?
I am wondering if it's as simple as running a dcpromo get a domain controller added to a domain that is across a routed subnet. Is it that simple?
Windows Server 2003
8/22/2022 - Mon
Yes as long as that domain controller can communicate with another DC. If it is totally isolated it won't work. Make sure to point DNS to a current DC (assuming your DCs are running DNS)
You can later install DNS and make this box a GC too.
also have a look at AD Sites and Services and make sure that you have added all of your subnets after adding your new dc, you can also adjust replication here if you have slow links although the default setting is a good place to start. if you do not see your new dc properly listed there give it a little time and also force replication by using "repadmin /syncall" from a command prompt. I prefer to let the KCC generate the site links and then adjust them if necessary.
You have to define the site links(KCC doesn't do that part) but the KCC creates the connection objects.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
Yes my terminalogy was wrong, you must add your subnets and the KCC will generate the replication topology.
Active Directory Replication
The Knowledge Consistency Checker (KCC) is a built-in process that runs on all domain controllers and creates the replication topology for the forest. By default, the KCC runs at 15-minute intervals and designates the replication routes between domain controllers on the basis of the most favorable connections that are available at the time. The KCC creates replication connections between domain controllers in the same site automatically. When there is more than one site, configure links between the sites; the KCC can then create the connections automatically between the sites as well.
I was able to run a successful dcpromo on the new DC. I'm not sure what you mean by the rest. I see one subnet entry in the sites and services under subnet. It's the subnet where the original DCs reside. Do I need another entry for the subnet in which the new DC resides?
ASKER CERTIFIED SOLUTION
Log in or sign up to see answer
Become an EE member today
7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
I would like to have anything that will be using that DC in that subnet to use that DC. I won't be for users, but more to replicate authentication into that subnet. Does that mean I create a new Site?
to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
If you would like to isolate the authentication traffic to that particular site where this DC is and that locations user only talk to this dc rather than going out of site you need to do the following.
Under Active Directory sites and services. Create a new site, give it a meaningful name [if its not already done].
Select the sitelink. Site link is used to create two or more sites.
Create a Subnet. It will be the network address that location is using for example 192.168.0.0/24. Associate the subnet with appropriate site. Each Subnet needs to be unique
Now make sure your DC and clients are subnet which is mapped to new site. Basically where you want to keep the DC.
Restart the DC [if ip's are changed, restart clients as well]
You are done. For more detailed information you can check the following link
Plans and Pricing
Certified Expert Program
© 1996-2022 Experts Exchange, LLC. All rights reserved. Covered by US Patent