Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Second Domain controller in a 2003SBS Domain 1

Status
Not open for further replies.

mitmont

MIS
Jun 15, 2003
65
US
Hello, I'm adding a new 2003 Standard R2 server as a domain controller to an existing 2003SBS Domain. Ran the ADPREP tool for forest prep and domain prep. The command screen flashes for a second then goes away on each. I've used the ADPREP from disk 2 of the new server R-2 disk. ISA is running on SBS server and I've already installed the msp client on the new server.

I've searched and others say to run the adprep from the disk. Any support greatly appreciated.

Dave
 
I'd open a cmd prompt and run the adprep from there. I'm sure you're running the adprep from the SECOND CD in the R2 set, right?

Pat Richard, MCSE MCSA:Messaging CNA
Want to know how email works? Read for yourself -
 
I agree with Pat to see what it is reporting, but beyond that have you tried to DCPROMO the server since doing this?

R2 does introduce some schema changes, but there won't be many compared to running ADPREP when going from Windows 2000 to 2003. Depending on the speed of your hardware you may simply be seeing it complete. And subsequent attempts could just be saying it has already been run.

Keeping the command prompt open will help you determine that.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
 
I think you really can't have multiple domain controlers in a SBS forest.

This is a quote from microsot:

Q. Are there any Active Directory design constraints in SBS 2003 R2?

A. Yes. SBS 2003 R2 has the following design constraints: only one server in a domain can be running SBS 2003 R2; it must be the root of the Active Directory forest; you cannot create trust relationships with any other domains; and an SBS 2003 R2 domain cannot have any child domains. In addition, all the flexible single master operations (FSMO) are restricted to running on the SBS 2003 R2 server.


Source link:
 
metaxlog, there is nothing that prevents running a full Windows 2003 Server or even a Windows 2000 Server as an additional DC in an existing SBS Domain.

As you have posted you can not have trusts or child domains and there can only be one SBS server on the network. Furthermore the SBS server must hold all the FSMO roles.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
 
I didn't think you had to run adprep on a 2003 server before promotion, as far as i am aware you only run adprep on a 2000 server to extend the schema.
 
Thanks markdmac, I did have my daubts. I guess the only real constrains is that the SBS server wants to be the only boss in the network. It depends on what you will be using the second domain for I guess.
 
It depends on what you will be using the second domain for I guess.

Get your terminology straight metaxlog. This is addding a second domain controller for the same domain, not adding a second domain.

In an SBS domain a second DC can help with authentication and DNS. From the domain perspective, it does not do much more. From the standpoint of redundancy it doesn't offer the same benefits as it would in a Windows 2003 domain without SBS.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
 
Hello,

I too am adding a second DC to a SBS 2003 domain. My reasoning is that we are setting up a remote location a couple of miles away from the main office. There will be a dedicated line run between the two locations utilizing a proprietary Verizon circuit and a Firebox X700 on both ends. I'm wondering if there exists some kind of white paper for this setup. I've got DNS installed on the second DC, and it's on a different subnet, so I have two reverse lookup zones - one for each subnet. I'm wondering now if I should set up a separate site for the remote location in AD Sites and Services to allow the AD replication to function more smoothly. Is this necessary, or can I just leave then both in the same site? The connection between the two sites is about 756K.

So I guess I really have two questions: 1. Is there a white paper available on this topic? 2. Do I need a second site in AD?

Thanks for any advice you can give me!


Mike
[morning]
 
Was this a dumb question? I'm assuming I need a second DC because I want the file server and authentication to happen locally, instead of over the VPN link. Should I just keep them both in the same location in AD?

Thanks,


Mike
[morning]
 
You should configure the 2 sites in sites and services as it will help control the replication traffic between the servers, the other thing you need to consider is you will need a Global Catalog server at each site

I have set this up we also added a second exchange server at the remote site. really resolved the slow log on issues we were having across the VPN link.

Skr
 
SkreeM,

Thanks for the advice!

I'm also using folder redirection of the My Documents folder through GPO's and it's not quite working yet. I forgot to make the new DC a Global Catalog server, though. I'll configure that and try it again.

What is happening is that several users in the main office are moving to the remote location, and I want the data in their My Documents folder to move over to the new server when they logon at the new location. I'm wondering if the new server is going to try to copy the data from the Small Business Server over the vpn link or from the synchronized copy on the user's laptops. If it's going to use the vpn link, then that might get messy. Have you tried this scenario before?

Thanks again,


Mike
[morning]
 
I never set-up my docs re-direction i'm not keen on it so can't help sorry.

Skr
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top