Active Directory

I'm running Server 2008 R2 on my network. We now have a new location (eight (8) users from our main office have moved to a new building) connected via 2 Cisco routers through a static IP address from the ISP.

How do I configure AD so that these 8 users still have access to their files, My Docs and other mapped drives across the network?

Main office subnet is 10.0.0.0/24 and new building is 192.168.2.0/24. The main domain controller is in the main office; the new building has a domain controller as well.

Please advise.

Regards

LOTMOORE

Temody (Pickalbatros, IT Manager) Commented:
VPN site to site is the best solution for you, using Cisco hardware or via Microsoft TMG.
0
LOTMOORE (Author) Commented:
I already have a VPN site to site set up; both locations are seeing each other and can ping all IP addresses.

What I'm asking is how to configure AD to access docs and mapped drives from the main office to the new building.

Do I add the new building server to main office as a member server or do I use sites and services along with domain trust or what???

What I need to accomplish is to have the users in the new building to work as if they are still in the main office as in accessing files, docs and mapped drives and auth / domain access as if they have not moved.
0
CKabs Commented:
If the users are simply logging into the domain controller in site A via a VPN tunnel, then their roaming profiles/folder redirection should work without issue at site B (new site). Are the users authenticating to a new domain controller at site B?
0

Will Szymkowski (Senior Solution Architect) Commented:
If your remote site does not have a DC locally then you need to do the following...

- Set up your clients at the remote office to use another DNS/DC from another geographically close site.

- You will also want to add the subnet for the remote site in AD Sites and Services.

Yes, you still do this even though there is no DC in the site. You add this subnet as an additional subnet in the same site where you are pointing your clients for DNS. You need to associate EVERY SITE, with or without a DC, to an associated site so that you control where your clients will authenticate to. If you do not do this, your clients' logon servers could be in another geographical location far away, which will delay logon times and performance.

If you have a DHCP server in the remote site for your clients then just update the scopes for the DNS option to point to another DNS server in another site.

Will.
0

LOTMOORE (Author) Commented:
"If the users are simply logging into the domain controller in site A via a VPN tunnel, then their roaming profiles/folder redirection should work without issue at site B (new site). Are the users authenticating to a new domain controller at site B?"

The answer to this is YES, the users are authenticating to a new domain controller in the new building.

Why are you asking? What are your thoughts on this? Which direction are you looking at or thinking to resolve this???
0
LOTMOORE (Author) Commented:
I'll try this and see, as I'm working in a live environment (online).
0
Will Szymkowski (Senior Solution Architect) Commented:
If you have a DC in the remote site B then you want to point your clients to this local DC, and not to a DC in another site. You are also going to need to add your subnet of Site B in AD sites and services.

Will.
0
LOTMOORE (Author) Commented:
Ok kool, but my question is: do I add site B DC to site A as a member server or as a stand-alone DC for site B, then add the subnet to site A? Also, do I need a domain trust between both locations?
0
CKabs Commented:
The trust is only required if they are in separate domains. If they are in the same domain you could add this remote site as a SDC, leaving your main site as PDC. Sites and Services is not really required for what you're doing IMO, as you could simply stand up file services on the site B DC and set the profile paths to host from that server. Now if you're using Folder Redirection (which I don't suggest for remote sites) then you could set up a separate GPO for users at that site.
Using Sites and Services is great for controlling the preferred DC that clients log in to. However, for just parsing logins (provided you have adequate bandwidth) it should be fast enough regardless.
0
Will Szymkowski (Senior Solution Architect) Commented:
You will have different sites created for Site A and Site B. Each DC will represent each of the sites. You then add both of these sites to your Default Site Link, which then forms automatic connections to all of the DCs within each site and also between sites.

Take a look at my AD Sites and Services Part1, which outlines a high-level overview of all of the basics for AD Sites and Services. This will help you understand how each of the sites should be connected.

AD Sites and Services Part1
http://www.wsit.ca/how-tos/active-directory/active-directory-sites-and-services-part-1/

I will be publishing AD Sites and Services Part2 very shortly.

Will.
0
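One way to carry out the Sites and Services steps described in the comment above, as an added example that is not part of the original thread and not the commenter's own script. It assumes both DCs are already domain controllers in the same domain and forest, and that it is run with Enterprise Admin rights on the main-office DC; the site name `NewBuilding` and the DC name `DC-SITEB.example.local` are placeholders.

```powershell
# Added example: uses the .NET System.DirectoryServices.ActiveDirectory classes,
# which are available on Server 2008 R2 without extra modules.
Add-Type -AssemblyName System.DirectoryServices
$ns      = 'System.DirectoryServices.ActiveDirectory'
$ctxType = [System.DirectoryServices.ActiveDirectory.DirectoryContextType]
$ctx     = New-Object "$ns.DirectoryContext" ($ctxType::Forest)

# Site the main-office DC currently sits in
# (Default-First-Site-Name unless it has been renamed).
$mainSite = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite()

# 1. Create a site for the new building (placeholder name).
$newSite = New-Object "$ns.ActiveDirectorySite" $ctx, 'NewBuilding'
$newSite.Save()

# 2. Map each subnet from the question to its site, so clients locate the DC
#    in their own building. Save() throws if the subnet object already exists.
$subnetToSite = @{
    '10.0.0.0/24'    = $mainSite.Name
    '192.168.2.0/24' = 'NewBuilding'
}
foreach ($cidr in $subnetToSite.Keys) {
    $subnet = New-Object "$ns.ActiveDirectorySubnet" $ctx, $cidr, $subnetToSite[$cidr]
    $subnet.Save()
}

# 3. Add the new site to the default site link so replication connections
#    between the two sites can be generated.
$link = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySiteLink]::FindByName($ctx, 'DEFAULTIPSITELINK')
[void]$link.Sites.Add($newSite)
$link.Save()

# 4. Move the new building's DC (placeholder FQDN) into the new site.
$dcCtx = New-Object "$ns.DirectoryContext" ($ctxType::DirectoryServer), 'DC-SITEB.example.local'
$dc    = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($dcCtx)
$dc.MoveToAnotherSite('NewBuilding')

# 5. Check from a client in 192.168.2.0/24; it should report NewBuilding:
#    nltest /dsgetsite
```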
LOTMOORE (Author) Commented:
I'll give you feedback on this outcome shortly.
0
Seth Simmons (Sr. Systems Administrator) Commented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Question has a verified solution.
