Automatic AD replication via VPN ???

LiLAmy

IS-IT--Management
Jun 28, 2002
22
US
Situation:
1 AD Domain, 2 Sites, 2 DCs

At a satellite office I have set up a DC in a separate site, but in the same AD domain as the main office. The remote office only has a DSL connection and each client establishes its own VPN connection to the RRAS when it needs to access resources at the main office.

My question pertains to the newly setup DC. Aside from having the DSL router itself establish the VPN connection, what solutions are there to have the DC first establish a VPN connection prior to performing each replication? (Because without it, it has no way of contacting the other DC)

Obviously, establishing the VPN connection from the DC manually is one solution, and then leaving it on all the time. But this won't work since it will get disconnected periodically and there is nobody available to re-connect it. Plus the connection would constantly and unnecessarily use precious bandwidth...

Or am I thinking in the wrong direction here?

Any input would be appreciated. Thanks!

-lil amy
 
Hello Lil!

I think you must use a Demand Dial VPN Router + set a DC in your satellite office to be a GC server. Then you'll minimize WAN traffic and you'll get what you want.

Hope it will be useful.


Victor K
psas@canada.com
MCSE+I;MCSA;MCSE(w2k);CNE(5.1);MCNE(6);CIWSP;CIWSA.
 
I thought there was only supposed to be one GC Server per domain? How do you create 2?

So you're saying there is no way to accomplish my goal without a VPN router?
 
You can have as many GC servers as DCs. But it's not recommended to do so. But in your situation a Demand Dial VPN Router, I think, is the best solution because of the advanced level of security + satisfaction with your current WAN topology.

It's very easy to add a GC to your DC:
sites and services snapin
sites
your satellite site
servers
servername
ntds settings
right click/properties
GC mark - check it.


Hope it will help you.

Good luck

Victor K
psas@canada.com
MCSE+I;MCSA;MCSE(w2k);CNE(5.1);MCNE(6);CIWSP;CIWSA.
 