?
Solved

Install Domain Controller at a different site

Posted on 2012-08-17
9
Medium Priority
?
712 Views
Last Modified: 2012-09-19
Currently, we have 2 Domain Controllers (Windows Server 2003) at our headquarter office.  We want to install another Domain Controller (also Windows Server 2003) at a different site (different subnet) which is connected to our headquarter via Site-to-Site VPN.  The question I have is that can I install the new Domain Controller at the new site?  If not, how can I do it?  Thanks.
0
Comment
Question by:mamtashah
9 Comments
 
LVL 11

Expert Comment

by:netballi
ID: 38306829
Here is rough step by step process to install DC at your remote site

http://www.howtonetworking.com/domain/dcinremote1.htm
0
 

Author Comment

by:mamtashah
ID: 38306863
Once I am at the new site, can I just simply add Domain Controller server role and dcpromo it?  I read through a lot of articles online, and they all seem to suggest to create a new site in Active Directory Sites and Services and move the DC to the new site.  The thing is that new DC has not been installed yet, how can I move it to the new site?  Does that mean that I have to install the DC at the headquarter before I ship the server to the new site?  Please help explain.  Thank you.
0
 
LVL 3

Assisted Solution

by:Dimitris Ioakimoglou
Dimitris Ioakimoglou earned 2000 total points
ID: 38306875
Yes, you can install it on the other site of your VPN. However make sure that you have entered your new site and subnet (I suppose there is one, since you've got VPN) on Active directory sites and services, and you have perfectly working dns from you remote site to your main site, or else troube is guaranteed.
You absolutely need to have GOOD connectivity, though. You don't want a failure during dcpromo.

However, in such cases I prefer to have a subdomain set up, but it's a matter of particular needs and maybe you really need a 3rd domain controller for your existing domain there.

I don't know if windows 2003 supports the deployment of RODCs, but if it does I suggest you think about that too. Especially if there's no admin in your remote site.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 3

Expert Comment

by:Dimitris Ioakimoglou
ID: 38306883
And I shoud add that, OF COURSE setting up something remotely, especially something that constantly needs data from the other side of your connection is NEVER as safe a doing it locally.

I know you probably know this, I'm just pointing it out.
0
 

Author Comment

by:mamtashah
ID: 38306896
Thank you for the suggestions above.  You said that I needed a perfectly working DNS from remote site, did you mean that I need to install DNS server role at the remote site BEFORE I add Domain Controller role and dcpromo it?  As far as I know, during the DC promotion, it will ask you to install DNS role.  Just to clarify, currently there are no servers at the remote site.  This new DC will be the very first server to be set up.  Please let me if I miss anything here.
0
 
LVL 3

Accepted Solution

by:
Dimitris Ioakimoglou earned 2000 total points
ID: 38306911
no no, I meant you should be able to resolve domain PCs and servers from both sides of the VPN.
In other words, if you're using a classic active directory set up, you should have your 2 domain controllers IPs set as DNS servers on your new server's NIC.
During DCPROMO it will indeed become a DNS server itself. Until then you'll need reliable DNS with the primary site.
0
 

Author Comment

by:mamtashah
ID: 38306937
There is a temporary laptop connected at remote site.  From it I can ping our PCs and servers in our headquarter office by both IP address and FQDN.  So, am I good to go?  Just to be sure, should I add the remote site and subnet and link it to our headquarter site in Active Directory Sites and Services before I install this new DC?  Or will this site be created automatically during the installation?  Thanks again.
0
 

Expert Comment

by:PaulColuccio
ID: 38306965
By the way, you don't have to create a new site unless you want to control replication. As long as the remote DC has the other DC as its DNS server, you should be good to go. You can always create the site after everything is finished. Sites are more to limit bandwidth usage and control dfs replication.
0
 

Author Comment

by:mamtashah
ID: 38307013
Thanks all.  I will give it try.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we will discuss all things related to StageFright bug, the most vulnerable bug of android devices.
#Citrix #POC #XenDesktop #vCenter #VMware #ESX
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.
Suggested Courses

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question