Re-Post DC in 2 different sites

  • Thread starter Thread starter Jeff Hague
  • Start date Start date
J

Jeff Hague

Anyone want to take a shot at this?
I have 3 DCs - 2 in Site A and 1 in Site B. The sites use
seperate Layer3 switches and have a firewall in between
them (its a college network and Im trying to keep the
dorms away from the admin systems). The servers in Site A
are all connected at gigabit but the switch in Site B only
supports 100MB. I would like to add a gigabit link to the
server in Site B back to the Switch in Site A for AD
replication only - I dont want clients in Site B to access
machines in Site A through this link. If I add a Site A IP
address to the server in Site B, how will AD determine the
Site membership? What other issues can I expect to run
into? Is this even possible or advisable? Also, all DCs
are DNS and WINS servers - does this make things more
difficult?
Thanks!
 
There is some manual configuration you must do to custom tailor this to your
environment.

For your domain controllers and clients to be aware of "close" machines to
communicate (ones in the same AD site) you must create sites in Active
Directory Sites and Services on your DC.

Once you've done that, add the IP subnets that are unique to each physical
location to the defined subnets for the site under the Subnets portion of
the AD Sites and Services tool. When doing so, it will ask which AD site to
associate the subnet with.

After doing this for all sites and subnets you will see client machines
become site 'aware' of which DCs are closest. They do this by querying site
and subnet specific SRVs in DNS to locate a DC.

The above does not cover all that you need to do and be aware of for AD
replication though. I would strongly recommend that you read the Branch
Office Deployment Guide to decide how to set up the AD replication topology
for your enterprise:

http://www.microsoft.com/technet/tr...nol/ad/windows2000/deploy/adguide/default.asp

Generally speaking, you may want to disable the Knowledge Consistency
Checked from setting up your AD replication topology in favor of creating
the replication connections between DCs yourself.

245610 HOW TO: Disable the Knowledge Consistency Checker Inter-Site Topology
http://support.microsoft.com/?id=245610

Be sure to post if we can help.
 
Back
Top