Solved

Secondary DC in SBS 2011 Environment

Posted on 2012-03-26
10
1,487 Views
Last Modified: 2012-06-27
Hi All,

I'm in the process of setting up a site office again. We've been making revisions/improvements to the IT infrastructure each time we've done a project office and this one will hopefully will be the best yet.

The biggest issue we've had is the links back to the office is over 3g wireless which once you get a few people using it pretty much criples it.

With the last project we built up a standard windows 7 box and shared out files from that. However domain logins were slow as hell and it was generally a bitch to manage remotely due to services being all over the shop.

They have an existing SBS 2011 server in the head office, so what i would like to do is build up a secondary DC to install into the site office. We will have a VPN tunnel established so they will be joined.

I'm a bit new to adding secondary domain controllers. Could anyone either give me some step by step instructions, or point me to some reference materials on the subject.

Cheers,
Troy
0
Comment
Question by:elemist
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
10 Comments
 
LVL 16

Expert Comment

by:R. Andrew Koffron
ID: 37766225
umm setting up a second ADC connected over 3g wireless just sounds like a ridiculously bad Idea.
0
 
LVL 1

Author Comment

by:elemist
ID: 37766235
How else would you provide domain login services to a remote office? I can't setup a second domain due to being unable to do trusts in an sbs environment...

Plus there will be a vpn tunnel between the sites which is pretty stable...
0
 
LVL 16

Expert Comment

by:R. Andrew Koffron
ID: 37766251
can't you put in a DSL or cable modem? maybe it's just my reflex answer to 3g in my experience being flaky as hell, and terribly unreliable.
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 9

Expert Comment

by:Geodash
ID: 37766265
SBS 2011, I am not sure how it will work, but you can drop a secondary RODC (Read-Only Domain Controller) in the 2nd office. I am not sure how RODC works with a SBS2011 box, but it is supported in w2k8r2 which SBS 2011 is.

According to this arrticle -

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/SBS_Small_Business_Server/Q_27296451.html

a RODC can be added to a SBS2011 environment

and here is how it is implemented -

http://technet.microsoft.com/en-us/library/cc754629%28v=ws.10%29.aspx

I have no idea how it would work over 3g wireless, but it sounds like the best option you may have.
0
 
LVL 1

Author Comment

by:elemist
ID: 37766283
The site office is in a donga in the middle of nowhere.. and the projects are always for a short period of time in different locations. So no go with any kind of physical connection. Hence why we rely on 3g.

But the stablility has been pretty good overall, and i have a couple of cisco routers at each end providing a VPN tunnel between the two offices. So far in testing the VPN has been quite stable, but that's half the reason for putting a DC so if the VPN between offices does drop the users are still able to login and out.. :)

Thanks for the links i'll have a read of them now.
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37766289
then definitely, a RODC in the remote location is your best bet. I hear they work pretty well in this kind of situation.
0
 
LVL 9

Accepted Solution

by:
Geodash earned 500 total points
ID: 37766303
Yes, this is the best solution for the issue at hand.

http://technet.microsoft.com/en-us/library/cc755058(v=ws.10).aspx

For sites with low-bandwidth, it is recommended.
0
 
LVL 1

Author Comment

by:elemist
ID: 37766333
I'm assuming given the IP will need to be static and it will need to be at the other end of the VPN tunnel before i setup the RODC, otherwise if i try building it in the office first then change the IP it will kick up errors galore?
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37766346
That is correct. You should be able to change it later to build it local, but DNS will bark at you for a while.
0
 
LVL 1

Author Closing Comment

by:elemist
ID: 37971419
just what we needed.
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question