DaveGerke
asked on
Multiple physical locations with no active directory sites
My company has 5 locations, including our central main office. In active directory sites and services, I see no sites created except for the original default site. Each location has a domain controller with global catalog service running. We are having dns and replication issues. I need to setup the sites and put each respective domain controller/subnet inside.
My question is this: What should my process be? I see documentation on setting them up from scratch, but these locations are already running and have been for years. Will I have to recreate the global catalog or reconfigure dns? Any help will be greatly appreciated.
My question is this: What should my process be? I see documentation on setting them up from scratch, but these locations are already running and have been for years. Will I have to recreate the global catalog or reconfigure dns? Any help will be greatly appreciated.
ASKER
It is my understanding that without the sites setup, all of my domain controllers think that they are sitting in one location so all computers on my domain (regardless of physical location)try to connect to any dc. In other words computer1 located at building 2 may try to get catalog/dns info from dc3 located at building 5 instead of the dc in its own building/site/subnet.
After creating the site and migrating the dc/subnet to it, is there anything else that I need to do to prompt the computers or dcs to update information?
After creating the site and migrating the dc/subnet to it, is there anything else that I need to do to prompt the computers or dcs to update information?
To answer your initial question:
The main reason for doing this is so your clients authenticate to the correct domain controllers and aren't going over the WAN to DC's that aren't local.
I agree with akhalighi that you should look into your replication issues before you do anything.
Define the subnets first in Sites and Services
Create new site(s) for the DC's.
Assign the appropriate subnet to the sites.
The main reason for doing this is so your clients authenticate to the correct domain controllers and aren't going over the WAN to DC's that aren't local.
I agree with akhalighi that you should look into your replication issues before you do anything.
What is the status of your dcdiag /v and repadmin /repl outputs? Do you have errors associated with these commands on ANY of your DC's? Maybe start a new thread so we can resolve your replication issues first. But the above steps that I mentioned will be what you need to do in order to move the DC's accordingly.
oh I missed a 2 steps:
oh I missed a 2 steps:
move your DC's physically and change the IP addresses
move the DC's to the appropriate site in Sites and Serives
ASKER
I ran dcdiag /v on my PDC and it stated that it passed all tests, however I had latency errors on one of my domain controllers in another location. The error is as follows:
REPLICATION-RECEIVED LATENCY WARNING. Last replication received from (DC2) at 2012-02-06 10:50:38. WARNING: This latency is over the Tombstone Lifetime of 180 days.
If I need to start a new thread for this, I will. I initially thought that this was due to the lack of sites setup
REPLICATION-RECEIVED LATENCY WARNING. Last replication received from (DC2) at 2012-02-06 10:50:38. WARNING: This latency is over the Tombstone Lifetime of 180 days.
If I need to start a new thread for this, I will. I initially thought that this was due to the lack of sites setup
Yikes! yes, please start a new thread that way people can answer it who know more about it. If it's buried in this thread it might get skipped over.
Initial thoughts: run DCDiag /v and repadmin /showrepl on DC2. If you can output those to a txt file (remove any sensitive data) and attach them that would help.
Verify that your DNS has an A record for DC2. Verify that DC2 is showing up in _msdcs zones on other DC's and verify that DC2 has a zone for _msdcs.
Initial thoughts: run DCDiag /v and repadmin /showrepl on DC2. If you can output those to a txt file (remove any sensitive data) and attach them that would help.
Verify that your DNS has an A record for DC2. Verify that DC2 is showing up in _msdcs zones on other DC's and verify that DC2 has a zone for _msdcs.
ASKER
I will get that info and then start a new thread. Once that is resolved, I will post to this thread for continuation.
ASKER
OK, DNS issues are resolved and I am ready to establish sites. Here is where we are:
xDUCKx stated to "move your DC's physically and change the IP addresses"
There are already DCs at each location. These DCs also run DHCP for the subnet allocated to that location. I do not have subnets defined in sites and services.
The DCs are all already statically assigned IP addresses within that location. Here is an example...
Main location: subnet = 192.168.1.x (PDC = 192.168.1.10)
Location 2: subnet = 192.168.2.x (DC1 = 192.168.2.10)
Location 3: subnet = 192.168.3.x (DC2 = 192.168.3.10)
All are location in the Default-First-Site-Name
So do I need to first create the subnets? (Will that affect the DHCP?)
xDUCKx stated to "move your DC's physically and change the IP addresses"
There are already DCs at each location. These DCs also run DHCP for the subnet allocated to that location. I do not have subnets defined in sites and services.
The DCs are all already statically assigned IP addresses within that location. Here is an example...
Main location: subnet = 192.168.1.x (PDC = 192.168.1.10)
Location 2: subnet = 192.168.2.x (DC1 = 192.168.2.10)
Location 3: subnet = 192.168.3.x (DC2 = 192.168.3.10)
All are location in the Default-First-Site-Name
So do I need to first create the subnets? (Will that affect the DHCP?)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
All the DCs are physically in the correct location so that should not be a problem. Thanks for your help.
best thing is to see what are those DNS and replication errors are about .