Steven

asked on

Advice on configuring and replicating to a third DC across subnets.

Hi Team,
I have a project that involves moving my secondary domain controller to a cloud environment on a different not-NATed subnet. Unfortunately, in the process of doing a bare metal copy using VEEAM Agent, my DC02 came up malfunctioning. As a result of tweaking and ruminating, it seemed easier to just bring the local copy of DC02 back online. My plan now is to just build a new third domain controller (DC03) and decommission the second one. My post is mostly for the sake of gathering thoughts, advice, and little-known information when it comes to setting up a new DC, as this will be my first rodeo.

My current setup (IP addresses are used as an example):
DC01 (192.168.10.100) - Primary DC (AD, DNS, DHCP, Certs) on 2008 r2 on a physical device.
DC02 (192.168.10.101) - Secondary replicated AD and DNS on 2008 r2 in vSphere on an ESXi host.
DC03 (192.168.20.103) - My third DC will be built in a vCloud Director environment, likely running Server 2012 or 2016. This device will also be in a different subnet. Routes have already been established and the machines that are currently there all work correctly with the devices in my local subnet.

Are there any issues replicating AD and DNS from 2008 r2 to 2012 or 2016? Would I be better off just building a 2008 r2 machine in my VCD environment, or perhaps upgrading my primary from 2008 r2 to 2012 or 2016?

What is the industry standard for setting up and configuring a third DC and then decommissioning the secondary, such as in my case? Should I decommission the secondary before promoting the third DC?

What concerns, if any, should I have about replicating across subnets?

Tips, tricks, reading material, horror stories are all welcome.
SOLUTION
Mahesh
Steven

ASKER

Thanks Mahesh.

Everything is working as expected. Both on-prem DC01 and DC02 are functioning normally as 2008 r2. My post is in regards to the industry standards for setting up and configuring a third DC off-prem on a different subnet, and then decommissioning DC02.

Are you suggesting there may be issues with configuring a third DC off-prem? What problems should I expect to face?
SOLUTION
Steven

ASKER

This implementation isn't over WAN. This is a dedicated e-line to our cloud host. Theoretically speaking, the third DC I plan to implement may as well be onsite, just on a different subnet - the difference, for example, is 192.168.10.0 and 192.168.20.0.
Yes, you are extending your network.

Still, I suggest installing the 1st 2012 / 2016 DC in the local AD site as FSMO and then extending to the cloud.
Steven

ASKER

Gotcha. Okay.

So my primary DC01 is already here as a 2008 r2 device that houses all of my current infrastructure resources (DNS, AD, DHCP, etc). Are you suggesting I upgrade from 2008 r2 before implementing my third DC in the cloud? I would like to avoid the risk and the work if I could.
I am not suggesting upgrading the existing 2008 R2 DCs.

Add new servers with 2012 / 2016 and promote them as ADC.

Transfer FSMO, test how AD functionality goes by pointing your devices / DHCP scopes to the new DC servers, and once through, introduce 2012 / 2016 DCs in the cloud.
Later on, demote the 2008 R2 DCs.

I don't understand what the problem is here?
Steven

ASKER

Would a 2008 r2 device have any issues replicating to a 2016 DC? My plan is to ultimately retain the physical on-prem device, 2008 r2, as a primary DC and replicate AD and DNS to a cloud-hosted 2016 device.
ASKER CERTIFIED SOLUTION