How to add remote member server 2008 R2

I'm installing a Windows 2008 R2 virtual server at a remote location (RL), at DRFortress.

That server will be our mail server for clients at the office location (OL).

Our DC is located at OL.

Are there key steps I need do to get up running safely? Things I have in mind:

How to join domain at OL
How to setup Windows 2008 Firewall
Did I miss anything?
LVL 26
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rodney BarnhardtServer AdministratorCommented:
If you are creating a DR site as you have indicated, then you will need more than just one server at the remote site. If you are intending on creating an Exchange failover DAG environment, then you would also need to have a domain controller at the site that is also a GC. Exchange requires a GC located in the same site where the Exchange server resides. If it is a DR site, then I would expect you would have a private VPN type tunnel configured from your office location to the remote location. There are also other things to consider, such as certificates for that site if your plan includes running live from there in the event your primary site is either unavailable or has been lost. I may have misunderstood what you are planning, but if not, then you have additional planning that needs to be done.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
NVITAuthor Commented:
I appreciate your help,  Rodney.

The server hosts MDaemon. It is a simple program,  nothing complex like Exchange.
Basically,  we're moving that server for DR purposes.

Our ISP is including  a dedicated virtual circuit to the server.

Thanks for the reminder on the certificate.
NVITAuthor Commented:
Eventually,  we'd like to move our file server,  also. So that everything is at DRFortress.
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Rodney BarnhardtServer AdministratorCommented:
In that case, I would go ahead and create a site with a DC located there. You should still be able to join the domain as long as there is a tunnel between the two subnets and routing is enabled. You would just need to ensure that you set the current DC manually in the DNS server IP settings. As long as you can ping the DC, you should be able to join it without a problem.
NVITAuthor Commented:
"...create a site with a DC located there"
OK. Do you know if making the same server a DC is ok? I mean, acceptable and or safe?

"...routing is enabled"
Would that be at one or both locations? Is that a simple setting?

"...set the current DC manually in the DNS server IP settings"
Do you mean the TCP/IP v4 properties of the NIC, i.e. "Use the following DNS server addresses"?

"As long as you can ping the DC..."
How can I do that if the DC is behind a hardware firewall w/ NAT?

As you can see, I've never done this before. Thank you for your patience.
Rodney BarnhardtServer AdministratorCommented:
Does your ISP handle your firewalls? If so, then they will probably create a VPN tunnel between the two locations. They should also make the traffic between the sites routable from both directions.

It generally is not recommended to run email on the same server as a DC. Although MS does this with SBS server. Generally, it is a higher risk for hacking, viruses, etc.

Yes, in the TCP\IP settings, ensure the DC is set as the DNS server before trying to join it.

If you have a VPN tunnel set up between the two firewalls, it allows internal traffic on both sides to pass through on all ports.
NVITAuthor Commented:
"Does your ISP handle your firewalls?"
Do you mean the firewall at DRF location? Yes, it will include a monthly firewall option.

At the office, I control the sonicwall.

"It generally is not recommended to run email on the same server as a DC"
OK. Looks like we need to add a one-time cost for another Server license plus a monthly VM cost for the DC.
Rodney BarnhardtServer AdministratorCommented:
I would think you could work with them to create a tunnel. Not sure of you model, but here are the instructions.
NVITAuthor Commented:
Thanks, Rodney. I'll put this to good use. Aloha!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.