Solved

Active Directory two locations

Posted on 2011-09-08
6
807 Views
Last Modified: 2012-05-12
Hi I am setting up a new network at two sites approx 100 miles apart.
Between the two sites I have 2mbits per/s bandwidth routed link.

I would like to know the best way - how to, set up replication between the two sites so I can achieve the following.
1. Local Logon to active directory without local users having to go across the routed link to logon or access files.
2. Remote users at the 2nd, distant site, will after logon, get their Exchange email from the HQ SBS 2011 site but store their data files on their local server.
3. occassionally local clients at HQ will want to access files on the remote server.
4 occassionally remote clients will want to access files on the HQ server.
5. I do not require help with directory rights etc or the networking etc,, rather I would like help with AD replication - PDC and BDC setup so each site works locally most of the time.
0
Comment
Question by:jwjjwj
6 Comments
 
LVL 20

Expert Comment

by:Radhakrishnan Rajayyan
ID: 36508020
Hi jwjjwj,

I hope you have configured Site to Site VPN between 2 offices and both are in the same subnet, If yes, I hope you placed a Primary DC on main office and put an additional DC into branch office, Enable Global Catalog role on both server for fast replication.

Please let us know for further help.
0
 
LVL 1

Expert Comment

by:praveen_16july
ID: 36508066
hi jwjjwj,

you have two options:
1. Child Domain
2. Additional Domain

if your user as a roaming user like some time one location and some time in other location then go for 2nd choise (Additional Domain)

I recomend you go for "2. Additional Domain"

and for remote data accessing (@2MBPS link is good)
using the group polcy and create the virtual drive for all users i can provide you the solution if you need
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 250 total points
ID: 36508154
Assuming this is SBS as per your tags, you cannot have multiple domains or child domains, and for the record you can only have one SBS. However there is no problem at all to add multiple domain controllers, which can be at various sites. You will need to set up a VPN, and they must be on different subnets, contrary to earlier comments.
It is fairly straight forward to set up.
At the remote site point DNS ONLY to the SBS, join it to the domain, in AD move the server to the MyBusiness\Computers\SBSservers OU, then run DCPromo, installing AD and DNS, (I would also install DHCP but it is not necessary so long as the local router supplies only your internal DNS servers for DNS). Next in AD Sites and Services add the remote site and subnet, and place the new server in the remote site. This will look after authentication and DNS. You may want to use different forwarders in the remote site if a different ISP, but make sure the server's NIC still points ONLY to the SBS. Users can now authenticate locally, or remotely, and access files on either server.

File You may also want to consider DFS (distributed File Services) which can be used to replicate files between the two servers. This can be advantageous but there are no file locks. If two people open a file at the same time, only the last user to close the file's changes are save.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 77

Expert Comment

by:Rob Williams
ID: 36508160
You may wish to also review the following document. It references SBS 2008 but the process is similar.
http://www.microsoft.com/download/en/details.aspx?DisplayLang=en&id=1880
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 250 total points
ID: 36508218
For file access, I recommend a domain based DFS namespace and DFS replication. It makes it easier to manage shares going forward, and you can potentially access files locally instead of going over the WAN. In addition, you can replicate all of the files from the remote server to your SBS server so you can skip backups on the remote server. That's what I do for my remote servers, and I have less bandwidth than you do.
0
 

Author Closing Comment

by:jwjjwj
ID: 36513772
Thank you for your advice, exactly the type of help I was looking for.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now