?
Solved

Secondary DC in SBS 2011 Environment

Posted on 2012-03-26
10
Medium Priority
?
1,499 Views
Last Modified: 2012-06-27
Hi All,

I'm in the process of setting up a site office again. We've been making revisions/improvements to the IT infrastructure each time we've done a project office and this one will hopefully will be the best yet.

The biggest issue we've had is the links back to the office is over 3g wireless which once you get a few people using it pretty much criples it.

With the last project we built up a standard windows 7 box and shared out files from that. However domain logins were slow as hell and it was generally a bitch to manage remotely due to services being all over the shop.

They have an existing SBS 2011 server in the head office, so what i would like to do is build up a secondary DC to install into the site office. We will have a VPN tunnel established so they will be joined.

I'm a bit new to adding secondary domain controllers. Could anyone either give me some step by step instructions, or point me to some reference materials on the subject.

Cheers,
Troy
0
Comment
Question by:elemist
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
10 Comments
 
LVL 16

Expert Comment

by:R. Andrew Koffron
ID: 37766225
umm setting up a second ADC connected over 3g wireless just sounds like a ridiculously bad Idea.
0
 
LVL 1

Author Comment

by:elemist
ID: 37766235
How else would you provide domain login services to a remote office? I can't setup a second domain due to being unable to do trusts in an sbs environment...

Plus there will be a vpn tunnel between the sites which is pretty stable...
0
 
LVL 16

Expert Comment

by:R. Andrew Koffron
ID: 37766251
can't you put in a DSL or cable modem? maybe it's just my reflex answer to 3g in my experience being flaky as hell, and terribly unreliable.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 9

Expert Comment

by:Geodash
ID: 37766265
SBS 2011, I am not sure how it will work, but you can drop a secondary RODC (Read-Only Domain Controller) in the 2nd office. I am not sure how RODC works with a SBS2011 box, but it is supported in w2k8r2 which SBS 2011 is.

According to this arrticle -

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/SBS_Small_Business_Server/Q_27296451.html

a RODC can be added to a SBS2011 environment

and here is how it is implemented -

http://technet.microsoft.com/en-us/library/cc754629%28v=ws.10%29.aspx

I have no idea how it would work over 3g wireless, but it sounds like the best option you may have.
0
 
LVL 1

Author Comment

by:elemist
ID: 37766283
The site office is in a donga in the middle of nowhere.. and the projects are always for a short period of time in different locations. So no go with any kind of physical connection. Hence why we rely on 3g.

But the stablility has been pretty good overall, and i have a couple of cisco routers at each end providing a VPN tunnel between the two offices. So far in testing the VPN has been quite stable, but that's half the reason for putting a DC so if the VPN between offices does drop the users are still able to login and out.. :)

Thanks for the links i'll have a read of them now.
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37766289
then definitely, a RODC in the remote location is your best bet. I hear they work pretty well in this kind of situation.
0
 
LVL 9

Accepted Solution

by:
Geodash earned 2000 total points
ID: 37766303
Yes, this is the best solution for the issue at hand.

http://technet.microsoft.com/en-us/library/cc755058(v=ws.10).aspx

For sites with low-bandwidth, it is recommended.
0
 
LVL 1

Author Comment

by:elemist
ID: 37766333
I'm assuming given the IP will need to be static and it will need to be at the other end of the VPN tunnel before i setup the RODC, otherwise if i try building it in the office first then change the IP it will kick up errors galore?
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37766346
That is correct. You should be able to change it later to build it local, but DNS will bark at you for a while.
0
 
LVL 1

Author Closing Comment

by:elemist
ID: 37971419
just what we needed.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses
Course of the Month7 days, 21 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question