Jump to content

Need help: Secondary DC or another solution?

Guest Nicolas

By Guest Nicolas
in Windows 2003 Server

 Share

Recommended Posts

Guest Nicolas

Guest Nicolas

Posted
Posted

Hi,

 

I need your help to install a Win2K3 server in a second place for a school

Currently, at the first place, I've a network including a Win2K3 server with

a Domain which is DC with AD, DNS, DHCP and Files Server, and twenty pc

(WinXP Pro SP1 et SP2) which are Domain member.

 

We opened a second place where we moved ten pc from the first place, so

Domain member.

Now I've to install a new Win2K3 server in the second place to manage pc

(with the same Services: AD, DNS, DHCP and Files Server).

 

Do I have to build this new Win2K3 server as Secondary DC at the first place

and move it after into the second place?

To ensure that pc Domain member which were moved from the first place to the

second site, can connect to this new server.

 

In your opinion, what would be the best pattern to follow, to have pc

(member of the Domain) on two different places, with one server by place?

Do I have to use Secondary DC at the second place?

Or do I have to create two different Domain (but how to move pc between each

place)?

Or do I have to create a new DC (autonomous) at the second place with the

same Domain Name than the first place?

Which is the best way to follow?

 

Thanks a lot,

Nicolas

  • Replies 2
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Bruce Sanderson

Guest Bruce Sanderson

Posted
Posted

Re: Need help: Secondary DC or another solution?

 

A pre-requisite is that all domain controllers in a domain (or forest) must

be able to communicate with each other more or less continuously - they must

be network connected.

 

If you don't have a network connection between the two "places", then you

can't have them both participate in the same domain. Even if you promote

the second domain controller while it is in the first "place" (and thus can

communicate with the existing domain controller), once you move it to the

second, disconnected place, they won't be able to replicate (e.g. password

changes, new users, new computers) and after a few days both of them will

stop working - you'll get an Event Log entry that says, essentially, becuase

there has not been replication, the content of the Active Directory is

considered "not valid" and the domain controllers will refuse to process

logons.

 

Your local ISP "should" be able to provide a private, "always on" network

connection between the two places (e.g. using VPN, VLAN or similar

techniques). If the places are "close enough" (e.g. in the same building),

you might be able to install (or have someone else install) the required

wiring, switches and router(s).

 

You won't need a high bandwidth (speed) connection just for the domain

replication traffic, but it will need to be operational whenever the domain

controllers are running.

 

Once you have the network connectivity in place, you can "promote" the

second domain controller either in the "first" place or after it is

installed in the "second" place.

 

If you elect to not have network connectivity between the two "places", then

I suggest you use two different Domain Names. If you ever (in the future)

do decide to add the network connection, haveing both, independant domains,

with the same name will be problematic - the same name does NOT imply the

same domain. You could establish a "Trust" between the two domains (see

http://technet2.microsoft.com/windowsserver/en/library/9d688a18-15c7-4d4e-9d34-7a763baa50a11033.mspx?mfr=true)

or integrate (migrate) them into a single Forest (see

http://technet2.microsoft.com/windowsserver/en/library/e3d396dd-c141-432b-9e69-50f597061e471033.mspx?mfr=true).

 

--

Bruce Sanderson

http://members.shaw.ca/bsanders

 

It is perfectly useless to know the right answer to the wrong question.

 

 

 

"Nicolas" <Nicolas@discussions.microsoft.com> wrote in message

news:E2A9DBEA-DBB6-4202-B67A-FEC9497A3C63@microsoft.com...

> Hi,

>

> I need your help to install a Win2K3 server in a second place for a school

> Currently, at the first place, I've a network including a Win2K3 server

> with

> a Domain which is DC with AD, DNS, DHCP and Files Server, and twenty pc

> (WinXP Pro SP1 et SP2) which are Domain member.

>

> We opened a second place where we moved ten pc from the first place, so

> Domain member.

> Now I've to install a new Win2K3 server in the second place to manage pc

> (with the same Services: AD, DNS, DHCP and Files Server).

>

> Do I have to build this new Win2K3 server as Secondary DC at the first

> place

> and move it after into the second place?

> To ensure that pc Domain member which were moved from the first place to

> the

> second site, can connect to this new server.

>

> In your opinion, what would be the best pattern to follow, to have pc

> (member of the Domain) on two different places, with one server by place?

> Do I have to use Secondary DC at the second place?

> Or do I have to create two different Domain (but how to move pc between

> each

> place)?

> Or do I have to create a new DC (autonomous) at the second place with the

> same Domain Name than the first place?

> Which is the best way to follow?

>

> Thanks a lot,

> Nicolas

Guest Dhruv raj

Guest Dhruv raj

Posted
Posted

RE: Need help: Secondary DC or another solution?

 

we must have connectivity betwen two places (first and and the second)

one we have it there are number of ways you can implement MS WINDOWS SEVER

2003 INFRASTRUCTURE

1) you can have a single domain spread accross two sites frst place and the

second

2)you can have two different domains in the two different sites

here you have a alternavtie of establishing a child domain in the second

place)

 

3.if your your business can affoard 10megabit connectivity between two

places you can considre them as a single active directory site

(if this happens you will not create two domains as you do not have major

difference in the security requirements between two sites) ( security

requirements : i am refering to the password policy)

 

 

 

 

 

 

 

 

 

 

 

--

Dhruv Raj

mcse 2003

New Delhi

India

 

 

"Nicolas" wrote:

> Hi,

>

> I need your help to install a Win2K3 server in a second place for a school

> Currently, at the first place, I've a network including a Win2K3 server with

> a Domain which is DC with AD, DNS, DHCP and Files Server, and twenty pc

> (WinXP Pro SP1 et SP2) which are Domain member.

>

> We opened a second place where we moved ten pc from the first place, so

> Domain member.

> Now I've to install a new Win2K3 server in the second place to manage pc

> (with the same Services: AD, DNS, DHCP and Files Server).

>

> Do I have to build this new Win2K3 server as Secondary DC at the first place

> and move it after into the second place?

> To ensure that pc Domain member which were moved from the first place to the

> second site, can connect to this new server.

>

> In your opinion, what would be the best pattern to follow, to have pc

> (member of the Domain) on two different places, with one server by place?

> Do I have to use Secondary DC at the second place?

> Or do I have to create two different Domain (but how to move pc between each

> place)?

> Or do I have to create a new DC (autonomous) at the second place with the

> same Domain Name than the first place?

> Which is the best way to follow?

>

> Thanks a lot,

> Nicolas

 Share
Go to topic listing
×
×
  • Create New...