Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Proper method for adding a second site in Active Directory

Status
Not open for further replies.
Motiv

Motiv

ISP
Dec 30, 2007
26
US
Hello all. I was hoping to find some sort of guidance for what I need to accomplish in our Active Directory environment.

We have an Active Directory setup in our office consisting of one Windows 2003 domain controller and one Windows 2000 domain controller.

We will be placing certain hardware in two separate off site data center locations.

I would like to make these two separate locations a part of our existing Active Directory.

I understand this can be accomplished by using the Active Directory Sites and Services snap in.

My question is how does this get done? Say we have 3 machines in one data center, one of which can be a domain controller, and two member servers.

Would I first join these computers in the data center to a domain and then add the site via Sites and Services from our office? Or how does this work?

I tested by creating another differently named domain on the data center machines and then adding a new Site/Subnet as well as a Site Link in AD Sites and Services. I set the replication for every 15 minutes but nothing every happened, so i'm sure I did something wrong.

Can anyone point me in the right direction for adding additional sites at off site locations to our existing Active Directory?

Thanks in advance

 
Sort by date Sort by votes
You only need sites for locations that host a dc, just manually create them and create the subnet objects and assign them to that site.

If you have a prefered logon path for servers on wan links with no dcs, create a subnet for each one and point them to the prefered site. Creating subnets for every ip range you have will also prevent some errors in event logs relating to ip addresses not matching to a site.
 
Upvote 0 Downvote
prestage the site(s) through ad sites & services
create subnets that follow the IP specs for the new sites and attach them to the appropriate new site
load OS on new DCs
point to PDCe for preferred DNS
run dcpromo

they should come up in the proper site after promotion and reboot...afterwards, merely need to make them global catalogs....

-Brandon Wilson
MCSE00/03, MCSA:Messaging00, MCSA03, A+

 
Upvote 0 Downvote
Unless its a multi domain environment you don't need to add new dc's as a global catalog as is just extra replication that will never be used.
 
Upvote 0 Downvote
Unless its a multi domain environment you don't need to add new dc's as a global catalog as is just extra replication that will never be used.
Click to expand...

In a single domain environment all DCs should be global catalogs, so says MS best practices.

There is no extra replication traffic as all DCs replicate the domain naming context anyway.

Paul
MCSE 2003
MCTS:Active Directory
MCTS:Network Infrastructure
MCTS:Applications Infrastructure

If there are no stupid questions, then what kind of questions do stupid people ask? Do they get smart just in time to ask questions?
Scott Adams
 
Upvote 0 Downvote
pagy is correct

global catalogs are site based, to allow faster logon vs. lookup over the WAN (you can also use global & universal group membership caching to avoid replication overhead throughout the day, but GC function is better). There is no rule regarding GCs and multidomain environments as described above that has any negative impact.

its actually that all DCs EXCEPT for the infrastructure master should be a GC. IF the infrastructure master is a GC, so too must be ALL other DCs.

the only reason you would nt want to use GCs would be if you have sites that are behind very very slow links.

-Brandon Wilson
MCSE00/03, MCSA:Messaging00, MCSA03, A+

 
Upvote 0 Downvote
One thing i found with sites is that we needed to make each site have a DNS. Otherwise, if the T1 from our main office to our remote office went down, users couldn't log into the domain from the remote office, despite a DC being there. They were logged in with cached credentials and got no network drives.



Thanks,
Andrew
 
Upvote 0 Downvote
yes

i mustve forgot to mention to see my FAQ on configuring DNS for domains/DCs :) its on this site, just query the FAQs for my screen name :) This will walk you through EXACTLY how to configure your DNS globally, both server and client side :)

-Brandon Wilson
MCSE00/03, MCSA:Messaging00, MCSA03, A+

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
426
DTGMI
DTGMI
julis2103
  • Locked
  • Question
Active Directory
Replies
0
Views
147
julis2103
julis2103
goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
779
goombawaho
goombawaho
Abdullah Al Maruf
  • Locked
  • Question
Telnet help for
Replies
2
Views
508
gbaughma
gbaughma
ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
923
gbaughma
gbaughma

Part and Inventory Search

Sponsor

Back
Top