jbovalley1 asked:

How do I add a secondary Domain controller remotely without DNS issues via the VPN?

I want to add a secondary domain controller at a remote location and have both remote and local networks share duplicate the AD and share and access the same data. The data should be hosted at the local PDC and should be backed up in real time to the Secondary DC. I currently have a site-to-site VPN set up with 2 SonicWalls between both locations. How do I accomplish this without having DNS issues, and should I set up DNS service on both the PDC and Secondary DC?
ASKER CERTIFIED SOLUTION
Rob Williams
This solution is only available to members.
SOLUTION
This solution is only available to members.
jbovalley1 (ASKER)

The primary is currently pointing to itself. Should I set up a DNS server on the second server and point it to the primary?
Or change the primary from pointing to itself to pointing to the secondary DNS and point the secondary DNS to the primary?
The DHCP and the VPN are already being taken care of by the SonicWalls.
Danny Verrazano

https://technet.microsoft.com/en-us/library/ff807362(v=ws.10).aspx

Primary DNS server setting should always be set to some other DNS server.
Secondary should be set to itself.
I would agree on a LAN, but would that not slow name resolution due to the VPN?

I don't really believe so. If AD integrated, the DNS zones are replicated. Both Domain Controllers can do name resolution for everything in AD. Clients configured properly should be ok with name resolution on either side of the VPN.

The VPN might slow down replication but even then not too bad unless it's a HUGE environment throwing a LOT of replication across that VPN.

Still a bit of questionable stuff going on without more info on his environment though... but as far as DCs go, always make Primary DNS the IP of another DNS server and secondary should be its own IP address.
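
One way to check the DNS client ordering and zone replication discussed in this thread, as an added PowerShell example that is not from any of the posters. It assumes the ActiveDirectory and DnsClient modules, PowerShell remoting to each DC, that every DC also hosts the AD-integrated DNS zones, and that each DC has a single interface with DNS servers configured.

```powershell
# Added example (not from the thread). Assumptions: ActiveDirectory and DnsClient
# modules are available, PowerShell remoting to each DC is enabled, every DC also
# hosts the AD-integrated DNS zones, and each DC has one interface with DNS servers set.
Import-Module ActiveDirectory

$dcs      = @(Get-ADDomainController -Filter *)
$allDcIps = @($dcs.IPv4Address)

foreach ($dc in $dcs) {
    # DNS client list as configured on the DC itself, in resolver order
    $servers = @(Invoke-Command -ComputerName $dc.HostName -ScriptBlock {
        Get-DnsClientServerAddress -AddressFamily IPv4 |
            Where-Object { $_.ServerAddresses } |
            Select-Object -First 1 -ExpandProperty ServerAddresses
    })
    $first = $servers | Select-Object -First 1
    $self  = @($dc.IPv4Address, '127.0.0.1')

    # Ask this DC's DNS service directly for the domain's DC locator record,
    # which it can only answer if the replicated zone is present locally
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$($dc.Domain)" -Type SRV `
               -Server $dc.IPv4Address -DnsOnly -ErrorAction SilentlyContinue

    [pscustomobject]@{
        DC               = $dc.HostName
        Site             = $dc.Site
        DnsServers       = $servers -join ', '
        FirstIsOtherDc   = ($first -notin $self) -and ($first -in $allDcIps)
        ListsItself      = [bool]($servers | Where-Object { $_ -in $self })
        AnswersSrvLookup = [bool]$srv
    }
}
```

A DC that shows `FirstIsOtherDc` or `ListsItself` as False does not match the ordering recommended above, and `AnswersSrvLookup` as False on the remote DC suggests the zone has not yet replicated across the VPN.
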
I suppose name resolution requests from a client would be answered by the local DC regardless of where the server's DNS points. Thus I will bow to your wisdom :-)
As mentioned I would always point to the other on a high speed connection, such as a LAN.
jbovalley1,

Were you able to get this taken care of?? Anything still pending?
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Split:
-- Rob Williams (https:#a42408193)
-- Danny Verrazano (https:#a42408237)


If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

Pber
Experts-Exchange Cleanup Volunteer