
Add DC at remote branches.

Status
Not open for further replies.

jason985

IS-IT--Management
Oct 16, 2002
66
US
This is the situation.

I have 2 remote branches and the main branch. Currently I have only 1 DC at the main branch for all users at all three locations to log in. Because of slow logon times at the remote branches I want to put a DC and also use it as backup for our main server. BTW: our branches are connected via T1 P2P.

To do this do I need to create sites in AD on my main server?
What steps would be the best route in order to accomplish this?

I really appreciate all your help.

TIA
 
Do the sites all share the same DHCP server and IP subnet as well? If so, I don't think you have to create separate sites in your AD, but I could be wrong on that.

To put a local DC in your remote sites, as long as they are already part of the same internal domain, you should be able to run DCPROMO on a server at the remote site. You'll want to make sure your replication settings are set up properly. Workstations will automatically authenticate with the closest controller and only if it doesn't respond (or is too busy) will the users have to go over the T1 to authenticate.

Good luck,
 
Tell us some more; as lhuegle alludes to, are all the branches on separate subnets?

Generally speaking you should have sites and their associated subnets configured in AD Sites and Services, but please give some info on your IP addressing structure.

Paul
MCSE


"Two things are infinite: the universe and human stupidity; and I'm not sure about the universe."
Albert Einstein
 
You wouldn't HAVE to necessarily create separate sites, but I think that you would want to. If everything is treated as a single site, then even if you have a DC at the remote sites there's no guarantee that they will authenticate to it instead of the central DC. If you create multiple sites then your users will authenticate against the DCs in their own site first, then branch out if the locals are unavailable.

As a general rule, if they are physically separate sites, set them up as separate sites. At my last job we had a satellite office that was literally right around the corner from us, connected by a pair of T1s. But it was still defined as a separate site.
 
Each branch is on a different subnet. Example: Main branch on 10.10.10.0, Remote Site1 10.10.11.0, Remote Site2 10.10.12.0, etc.

I am using one DHCP but it is only for the main site; the branches are static IP. I did not think DHCP was routable over T1 P2P so I just gave remote branches static IPs. If possible I would like to use DHCP at remote branches as well.

Essentially all sites connect back to the main branch to authenticate user logons and network shares. I want to add an additional DC at each branch to authenticate locally rather than over P2P T1, but at the same time I want other branches to be able to use the DC if the main site fails. So I need some sort of AD replication to each DC at branches during closed hours.

I hope I am explaining this well.

Thanks all for your help!
 
In that case you will want to make use of AD sites.

This is a good starting point;


As for DHCP, you could either create more scopes for the branch offices on your central DHCP server or have a server at each branch doing DHCP for that branch site.
There was a thread on here not long ago about using DHCP over a WAN link; I'll see if I can find it.

Paul
MCSE

 
Sounds like a snap. Just set up a DC at each remote site, set them up as a separate site in AD Sites and Services, and put a DHCP server on each DC with a scope that is specific to that site (and matches the scope defined in AD Sites and Services). After that you'll have DHCP everywhere, plus users will authenticate against their local DCs.
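
The site, subnet and site-link setup discussed in this thread, written out as an added PowerShell example (not part of the original thread or any poster's own script). It assumes the ActiveDirectory module from a current Windows Server or RSAT, /24 masks on the subnets quoted above, the main DC still in the default `Default-First-Site-Name` site, a 20:00-23:45 closed-hours window, and hypothetical names for the branch sites, links and DCs.

```powershell
# Needs the ActiveDirectory module and rights to edit the Configuration partition.
Import-Module ActiveDirectory

# Site -> subnet map. Network addresses are the ones given in the thread;
# the /24 prefix length and the branch site names are assumptions.
$sites = [ordered]@{
    'Default-First-Site-Name' = '10.10.10.0/24'   # main branch, default site
    'Branch1'                 = '10.10.11.0/24'
    'Branch2'                 = '10.10.12.0/24'
}

foreach ($name in $sites.Keys) {
    # Create the site only if it is missing, so the script can be re-run.
    if (-not (Get-ADReplicationSite -Filter "Name -eq '$name'")) {
        New-ADReplicationSite -Name $name
    }
    # The subnet object is what lets a client work out which site it is in.
    if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$($sites[$name])'")) {
        New-ADReplicationSubnet -Name $sites[$name] -Site $name
    }
}

# Replication window for the T1 links: 20:00-23:45 daily (assumed closed hours).
$schedule = New-Object System.DirectoryServices.ActiveDirectory.ActiveDirectorySchedule
$schedule.ResetSchedule()
$schedule.SetDailySchedule('Twenty', 'Zero', 'TwentyThree', 'FortyFive')

foreach ($branch in 'Branch1', 'Branch2') {
    $link = "Main-$branch"   # hypothetical link name
    if (-not (Get-ADReplicationSiteLink -Filter "Name -eq '$link'")) {
        New-ADReplicationSiteLink -Name $link `
            -SitesIncluded 'Default-First-Site-Name', $branch `
            -Cost 100 -ReplicationFrequencyInMinutes 15 -InterSiteTransportProtocol IP
    }
    Set-ADReplicationSiteLink -Identity $link -ReplicationSchedule $schedule
}

# Move DCs that were promoted before the sites existed (hypothetical host names).
Move-ADDirectoryServer -Identity 'BR1-DC01' -Site 'Branch1'
Move-ADDirectoryServer -Identity 'BR2-DC01' -Site 'Branch2'

# Check the result: every subnet maps to a site, every site holds a DC.
Get-ADReplicationSubnet -Filter * | Select-Object Name, Site
Get-ADDomainController -Filter * | Select-Object HostName, Site, IPv4Address
```

With a closed-hours window, a change made at the main site during the day, such as disabling an account, reaches the branch DCs only when the window opens; running `nltest /dsgetsite` on a branch workstation shows which site it resolved to.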
 
One more question: If I am hosting user profiles/docs on the main DC will the profiles/docs replicate as well or do I need to set up something different for that?

TIA
 