What do I need to do after setting up new site office AD servers ?

Hi,

I'm about to implement new additional domain controllers in some of my new Site Office locations that will be opened next week. Each site offices has different IP address subnet and I'd like to setup one domain controllers (AD & DNS integrated) to serve the user login.

Here's the example:

Data Center:
AD Domain: Company.com
AD Site: Data_centre
IP Address class: 10.1.1.0/24
2x AD DC/GC servers running FSMO role spread across two different servers

New Site Office 1:
AD Domain: Company.com
AD Site: Site_Office1
IP Address class: 10.1.15.0/24
1x AD DC/GC server running DNS Server role.

New Site Office 2:
AD Domain: Company.com
AD Site: Site_Office2
IP Address class: 10.1.16.0/24
1x AD DC/GC server running DNS Server role.

New Site Office 3:
AD Domain: Company.com
AD Site: Site_Office3
IP Address class: 10.1.17.0/24
1x AD DC/GC server running DNS Server role.

The AD domain in my current office data center is just one single domain forest.  

What AD components that I need to setup to ensure that the maximum reliability for the users in each AD sites when the server in Data Centre is having connection problem ?

What do I need to setup in AD Sites and Services console ?

Thanks
LVL 9
Senior IT System EngineerIT ProfessionalAsked:
Who is Participating?
 
Will SzymkowskiSenior Solution ArchitectCommented:
Either way will work. Typically I do everything from my laptop using RSAT.

Will.
0
 
SreRajCommented:
Hi,

In AD Sites & Services console you should do the following steps.

1. Create Site Objects for the New Office Sites
2. In the properties of newly created Site Object, add the subnet information

Once you assign IP Address to the new domain controller and install ADDS and promote it, the server object will automatically created inside the site. New DCs will be detected based on its IP Address.

Also, site connections for AD Replications will be create automatically. AD will analyze topology and will created connections based on the best available options.
0
 
SreRajCommented:
Once the new domain controllers are available in Sites & Services console, in the properties you have to option to enable it as a Global Catalog Server.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Will SzymkowskiSenior Solution ArchitectCommented:
Once the new domain controllers are available in Sites & Services console, in the properties you have to option to enable it as a Global Catalog Server.

This would have also been an option during the initial promotion of the domain controller. Once sites and services is configured properly, make sure that you check your replication using the following commands.

- repadmin /replsum
- repadmin /showrepl
- repadmin /bridgeheads

Also make sure that all of your DC links are automatically created. Do not manually create these. If created manually the KCC (knowledge Consistency Checker) will ignore this manually created links and will not regenerate them if there is a DC that is not reachable.

Only use manually created connections when you have a specific requirement to replicate traffic to/from a specific site.

Will.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Will, what about if I created two types of connection ?
one is automated to any random DC and the other is manually created to the Domain Controller in the Data Centre
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
All of your connections in Site and Services should be automatically generated. If you have manual connections created and they were not created for a particular reason then what I would recommend is deleting those connections and then do the following..
- on the DC where you deleted the manually created connections
- expand to ntds settings
- right click ntds settings
- select all tasks
- select "check replication topology

This will re-create connections automatically, for you.

Always have connections auto generated unless you have an absolute reason to do so.

Will.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Thanks Will,

So do I need to remote desktop into the DC and then use the AD Sites and Services from there ?
or can I do it from my laptop with RSAT console which connect to the HQ Office AD DC?
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Thanks guys !
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.