Solved

Active Directory two locations

Posted on 2011-09-08
6
821 Views
Last Modified: 2012-05-12
Hi I am setting up a new network at two sites approx 100 miles apart.
Between the two sites I have 2mbits per/s bandwidth routed link.

I would like to know the best way - how to, set up replication between the two sites so I can achieve the following.
1. Local Logon to active directory without local users having to go across the routed link to logon or access files.
2. Remote users at the 2nd, distant site, will after logon, get their Exchange email from the HQ SBS 2011 site but store their data files on their local server.
3. occassionally local clients at HQ will want to access files on the remote server.
4 occassionally remote clients will want to access files on the HQ server.
5. I do not require help with directory rights etc or the networking etc,, rather I would like help with AD replication - PDC and BDC setup so each site works locally most of the time.
0
Comment
Question by:jwjjwj
6 Comments
 
LVL 21

Expert Comment

by:RK
ID: 36508020
Hi jwjjwj,

I hope you have configured Site to Site VPN between 2 offices and both are in the same subnet, If yes, I hope you placed a Primary DC on main office and put an additional DC into branch office, Enable Global Catalog role on both server for fast replication.

Please let us know for further help.
0
 
LVL 1

Expert Comment

by:praveen_16july
ID: 36508066
hi jwjjwj,

you have two options:
1. Child Domain
2. Additional Domain

if your user as a roaming user like some time one location and some time in other location then go for 2nd choise (Additional Domain)

I recomend you go for "2. Additional Domain"

and for remote data accessing (@2MBPS link is good)
using the group polcy and create the virtual drive for all users i can provide you the solution if you need
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 250 total points
ID: 36508154
Assuming this is SBS as per your tags, you cannot have multiple domains or child domains, and for the record you can only have one SBS. However there is no problem at all to add multiple domain controllers, which can be at various sites. You will need to set up a VPN, and they must be on different subnets, contrary to earlier comments.
It is fairly straight forward to set up.
At the remote site point DNS ONLY to the SBS, join it to the domain, in AD move the server to the MyBusiness\Computers\SBSservers OU, then run DCPromo, installing AD and DNS, (I would also install DHCP but it is not necessary so long as the local router supplies only your internal DNS servers for DNS). Next in AD Sites and Services add the remote site and subnet, and place the new server in the remote site. This will look after authentication and DNS. You may want to use different forwarders in the remote site if a different ISP, but make sure the server's NIC still points ONLY to the SBS. Users can now authenticate locally, or remotely, and access files on either server.

File You may also want to consider DFS (distributed File Services) which can be used to replicate files between the two servers. This can be advantageous but there are no file locks. If two people open a file at the same time, only the last user to close the file's changes are save.
0
Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

 
LVL 77

Expert Comment

by:Rob Williams
ID: 36508160
You may wish to also review the following document. It references SBS 2008 but the process is similar.
http://www.microsoft.com/download/en/details.aspx?DisplayLang=en&id=1880
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 250 total points
ID: 36508218
For file access, I recommend a domain based DFS namespace and DFS replication. It makes it easier to manage shares going forward, and you can potentially access files locally instead of going over the WAN. In addition, you can replicate all of the files from the remote server to your SBS server so you can skip backups on the remote server. That's what I do for my remote servers, and I have less bandwidth than you do.
0
 

Author Closing Comment

by:jwjjwj
ID: 36513772
Thank you for your advice, exactly the type of help I was looking for.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Error in Moving WSUS folder in SBS2011 20 52
Expired Certificates 4 70
Join a server to the network from amazon EC2 19 126
Manage printers on workstation from print server 4 51
A lot of problems and solutions are available on the net for the error message "Source server does not meet minimum requirements for migration" while performing a migration from Small Business Server 2003 to SBS 2008. This error pops up just before …
In the event you manage a Small Business Server 2003, and you are audited for PCI compliance, there are several changes you must make in order to pass the audit. I can take no credit for discovering any of these fixes or workarounds, but there is no…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now