Are there issues with having basically a "child" domain controller of a primary domain located in a different location connected via Site-to-Site VPN?

Their primary location, here in xxxx, has a new server up and running with a single Windows Server 2012 R2 Standard VM that is acting as their domain controller, primary DNS server, and file server for their xxxxx office.  In xxxxx, we have an identical server that we are spinning up a new Windows Server 2012 R2 Standard VM on.  This server will act as a file server for their aaaaaa office, but I also want it to be a domain controller and DNS server for their office.  Now, here's the thing though.  I want them to BOTH be on the same domain.  In other words, I want to setup xxxxxx to be the primary domain controller, and aaaaaa as the secondary domain controller.  All of the workstations will point to the xxxx VM as their primary DNS and the aaaaa VM as their secondary DNS via a site-to-site VPN connecting the two networks.  In aaaaa, it would be just the reverse, with their workstations looking at the aaaaa VM as their primary DNS and then xxxxx as the secondary DNS.

[10:30]  
In practice, this was working fine when we had it setup working in the lab.  However, from an actual deployment and production standpoint, what do you think?  Are there issues with having basically a "child" domain controller of a primary domain located in a different location connected via Site-to-Site VPN?
steve vredenburgAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cliff GaliherCommented:
Be cautious in your use of terminology. A child domain controller is a real thing, and it is *not* what you described.

But as yo what you propose, this is perfectly normal. Active Directory is multimaster and handles multiple domain controllers over WAN links just fine. There is no "primary" as such. Just define your sites in AD properly and make sure your DCs are in the sites you design.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ACT

From novice to tech pro — start learning today.