What do I need to do after setting up new site office AD servers?

Hi,

I'm about to implement new additional domain controllers in some of my new Site Office locations that will be opened next week. Each site office has a different IP address subnet, and I'd like to set up one domain controller (AD & DNS integrated) to serve the user login.

Here's the example:

Data Center:
AD Domain: Company.com
AD Site: Data_centre
IP Address class: 10.1.1.0/24
2x AD DC/GC servers running FSMO role spread across two different servers

New Site Office 1:
AD Domain: Company.com
AD Site: Site_Office1
IP Address class: 10.1.15.0/24
1x AD DC/GC server running DNS Server role.

New Site Office 2:
AD Domain: Company.com
AD Site: Site_Office2
IP Address class: 10.1.16.0/24
1x AD DC/GC server running DNS Server role.

New Site Office 3:
AD Domain: Company.com
AD Site: Site_Office3
IP Address class: 10.1.17.0/24
1x AD DC/GC server running DNS Server role.

The AD domain in my current office data center is just one single domain forest.

What AD components do I need to set up to ensure maximum reliability for the users in each AD site when the server in the Data Centre is having a connection problem?

What do I need to set up in the AD Sites and Services console?

Thanks
Senior IT System Engineer, IT Professional, Asked:

SreRaj Commented:
Hi,

In the AD Sites & Services console you should do the following steps.

1. Create Site Objects for the New Office Sites
2. In the properties of the newly created Site Object, add the subnet information

Once you assign an IP address to the new domain controller, install AD DS and promote it, the server object will automatically be created inside the site. New DCs will be detected based on their IP address.

Also, site connections for AD replication will be created automatically. AD will analyze the topology and will create connections based on the best available options.
0
SreRaj Commented:
Once the new domain controllers are available in the Sites & Services console, in the properties you have the option to enable it as a Global Catalog Server.
0
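The steps above (site objects, subnet assignment, automatic DC placement by IP address, Global Catalog) can be checked from PowerShell. This is an added example, not code from the thread: it uses the site names and subnets from the question with the RSAT ActiveDirectory module, and the helper function names are made up for illustration.

```powershell
Import-Module ActiveDirectory

# Site -> subnet plan, values taken from the question.
$plan = [ordered]@{
    'Data_centre'  = '10.1.1.0/24'
    'Site_Office1' = '10.1.15.0/24'
    'Site_Office2' = '10.1.16.0/24'
    'Site_Office3' = '10.1.17.0/24'
}

# Hypothetical helpers: IPv4 string -> integer, and CIDR membership test.
function ConvertTo-IPv4Long([string]$Ip) {
    $b = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    [Array]::Reverse($b)                     # network order -> little-endian
    [long]([BitConverter]::ToUInt32($b, 0))
}
function Test-IPv4InSubnet([string]$Ip, [string]$Cidr) {
    $net, $bits = $Cidr -split '/'
    $shift = 32 - [int]$bits                 # drop the host bits, compare the rest
    ((ConvertTo-IPv4Long $Ip) -shr $shift) -eq ((ConvertTo-IPv4Long $net) -shr $shift)
}

# 1. Every planned site exists and its subnet object points at it.
#    Missing objects are created with New-ADReplicationSite / New-ADReplicationSubnet.
$siteReport = foreach ($site in $plan.Keys) {
    $subnet = Get-ADReplicationSubnet -Filter "Name -eq '$($plan[$site])'"
    [pscustomobject]@{
        Site       = $site
        SiteExists = [bool](Get-ADReplicationSite -Filter "Name -eq '$site'")
        Subnet     = $plan[$site]
        SubnetSite = if ($subnet) { ($subnet.Site -split ',')[0] -replace '^CN=' } else { 'MISSING' }
    }
}
$siteReport | Format-Table -AutoSize

# 2. Every DC landed in the site that owns its IP address and is a Global Catalog.
$dcReport = foreach ($dc in Get-ADDomainController -Filter *) {
    $expected = $plan.Keys | Where-Object { Test-IPv4InSubnet $dc.IPv4Address $plan[$_] }
    [pscustomobject]@{
        DC              = $dc.HostName
        IP              = $dc.IPv4Address
        Site            = $dc.Site
        ExpectedSite    = $expected
        InRightSite     = ($dc.Site -eq $expected)
        IsGlobalCatalog = $dc.IsGlobalCatalog
    }
}
$dcReport | Format-Table -AutoSize
```

A DC that shows `InRightSite = False` was promoted before its subnet was mapped, so clients in that office may be referred to a DC across the WAN for logon.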
Will Szymkowski, Senior Solution Architect, Commented:
Once the new domain controllers are available in the Sites & Services console, in the properties you have the option to enable it as a Global Catalog Server.

This would have also been an option during the initial promotion of the domain controller. Once sites and services is configured properly, make sure that you check your replication using the following commands.

- repadmin /replsum
- repadmin /showrepl
- repadmin /bridgeheads

Also make sure that all of your DC links are automatically created. Do not manually create these. If created manually, the KCC (Knowledge Consistency Checker) will ignore these manually created links and will not regenerate them if there is a DC that is not reachable.

Only use manually created connections when you have a specific requirement to replicate traffic to/from a specific site.

Will.
0
Senior IT System Engineer, IT Professional, Author Commented:
Will, what about if I created two types of connection?
One is automated to any random DC and the other is manually created to the Domain Controller in the Data Centre.
0
Will Szymkowski, Senior Solution Architect, Commented:
All of your connections in Sites and Services should be automatically generated. If you have manual connections created and they were not created for a particular reason, then what I would recommend is deleting those connections and then doing the following:
- on the DC where you deleted the manually created connections
- expand to NTDS Settings
- right-click NTDS Settings
- select All Tasks
- select "Check Replication Topology"

This will re-create connections automatically for you.

Always have connections auto generated unless you have an absolute reason to do so.

Will.
0
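The checks Will describes in his two answers above can be scripted. This is an added example that is not part of the original answers: it lists connection objects that were created by hand, runs the KCC on each DC (the command-line counterpart of "Check Replication Topology"), and reports failing replication links. It assumes RSAT with the ActiveDirectory module and repadmin; the function names are illustrative.

```powershell
Import-Module ActiveDirectory

function Get-ManualReplicationConnection {
    # Connection objects created by an administrator carry AutoGenerated = $false;
    # the ones built by the KCC carry $true.
    Get-ADReplicationConnection -Filter * |
        Where-Object { -not $_.AutoGenerated } |
        Select-Object Name, ReplicateFromDirectoryServer, ReplicateToDirectoryServer
}

function Get-ReplicationFailure {
    # repadmin /showrepl * /csv emits one row per DC, inbound partner and naming context.
    repadmin /showrepl * /csv | ConvertFrom-Csv |
        Where-Object {
            $_.showrepl_COLUMNS -eq 'showrepl_ERROR' -or   # DC could not be queried
            [int]$_.'Number of Failures' -gt 0             # link is currently failing
        } |
        Select-Object showrepl_COLUMNS, 'Source DSA', 'Destination DSA',
                      'Naming Context', 'Number of Failures', 'Last Failure Time'
}

# 1. Report manual connections; nothing is deleted here.
$manual = @(Get-ManualReplicationConnection)
if ($manual.Count -gt 0) {
    Write-Warning "$($manual.Count) manually created connection object(s) found:"
    $manual | Format-List
} else {
    'All connection objects are KCC-generated.'
}

# 2. Ask the KCC on every DC to recalculate its inbound topology.
foreach ($dc in (Get-ADDomainController -Filter *).HostName) {
    repadmin /kcc $dc
}

# 3. Show only the links that are failing or the DCs that did not answer.
$failures = @(Get-ReplicationFailure)
if ($failures.Count -gt 0) { $failures | Format-Table -AutoSize }
else { 'No replication failures reported.' }
```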
Senior IT System Engineer, IT Professional, Author Commented:
Thanks Will,

So do I need to remote desktop into the DC and then use AD Sites and Services from there?
Or can I do it from my laptop with the RSAT console, which connects to the HQ Office AD DC?
0
Will Szymkowski, Senior Solution Architect, Commented:
Either way will work. Typically I do everything from my laptop using RSAT.

Will.
0

Senior IT System Engineer, IT Professional, Author Commented:
Thanks guys!
0