Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Two sites, two DC's

Status
Not open for further replies.
ashleym

ashleym

MIS
Mar 30, 2001
375
0
0
I have two sites, right now I have just replaced the main server at site 1, site 2 has no DC at the moment. PC's running XP Pro at site 2 are pointed to the DC at site 1 for DNS and are using a software program called VDHCP to get IP's locally. The two sites are connected via a T1, site one uses 192.168.0.x and site 2 uses 192.168.1.x I want to put a second DC at site 2, make it a local DNS and DHCP server. My question is how do I make sure the local pc's at site to authenticate to their local DC and not to the DC over the T1? How do I set up AD to do this, do I setup two different sites?

ALso exchange will be running on the DC in site 1 for all computers at both sites.

Thanks
AM
 
Sort by date Sort by votes
When you add a DHCP server to the Site 2 subnet the clients will recive IPs based on the scope. You should define the gateway and DNS servers on this DHCP server to point to your newly DC on Site 2.

Remember client machines will send out a broadcast message requesting an IP address, and since the new DHCP server is closet it will acknowledge.

As for adding a DC that should pretty easy just run DC promo. Remeber if you want this to be active directory intergrated it must have DNS on the server.

You will have to configure communication between the two domain controllers by using sites and services. Of course there is a bit more to this such as opening up ports on the firewall to allow this communication back and forth. You will also want to config how ofter these two sites communicate with each other to sync up data.

There are plenty of tutorials on the web. Do a search for "adding additional DC
 
Upvote 0 Downvote
If you create a new Site in the AD using the AD Sites and Services and associate the appropriate subnet with that site, your clients will use the local DC for authentication. You would also do well to use the same tool to set the properties on the NTDS settings of the second DC to make it a Global Catalog server.

Don't worry about Exchange.

ShackDaddy
 
Upvote 0 Downvote
I wouldn't recommend Exchange on a DC. Ever.

What everyone else says here is correct. Sites and Services will help.

Pat Richard, MCSE MCSA:Messaging CNA MVP
Want to know how email works? Read for yourself -
 
Upvote 0 Downvote
58sniper, that flies in the face of the fact that Microsoft sells Small Business Server which is a DC running Exchange.

AM
 
Upvote 0 Downvote
That's entirely different. When given the chance, don't put Exchange on a DC. There are known issues with services, security, etc.

Pat Richard, MCSE MCSA:Messaging CNA MVP
Want to know how email works? Read for yourself -
 
Upvote 0 Downvote
Ok but why exactly is SBS entirely different? I have heard this reccomendation not to put exchange on a DC, but if you can have only one server and require terminal services and exchange, what choice do you have? SBS is out of the question due to the fact they removed terminal services in favour of RWW. With the new security implementations in Exchange 2003 and Windows 2003, I no longer agree that exchange on a dc is as big a risk as it was under previous versions of exchange and windows.

AM
 
Upvote 0 Downvote
Security isn't the problem its Global Cat's

If the GC is local to exchange then excahgne will only look at itself so if the GC fails it won't ever look anywhere else.

If exchange is a member server and GC Server #1 fails it quite happily pops off to query GC Server #2.

But you're right, why would MS sell a product that...... (as I am eaten by new can of carnivorous worms!)

But sites and services shoudl sort the posted issue out you can verify this by running the
echo %logonserver% from a cmd prompt on the clients.

But one thing to be aware of is password changes will take time (15 mins) to get from site 2 to site 1 so when Site 2 try to access the Exchange server they will be denied access.

Iain
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

kjv1611
  • Locked
  • Question
Two Username Logins Cause Duplicate Listing of DNS/File Server on Cilent Machines?
Replies
0
Views
33
kjv1611
kjv1611
Skittle
  • Locked
  • Question
IIS 7.5 Intranet With Two Websites Access Via Name Instead Of IP Address
Replies
0
Views
24
Skittle
Skittle
guitarzan
  • Locked
  • Question
Server 2003 / IE8, can't access sites
Replies
2
Views
28
guitarzan
guitarzan
skyislandmaggie
  • Locked
  • Question
Two questions about my Windows 2008 network
Replies
1
Views
51
NetworkTek
NetworkTek
spelk
  • Locked
  • Question
DNS, DHCP, FILESERVER transition from W2003 to W2008R2 DC's
Replies
2
Views
23
HopnDude
HopnDude

Part and Inventory Search

Sponsor

Back
Top