Second Site Install

[Guest]

I have a client that is growing and adding an additional office in a
different state. They are only going to have the IT staff located at the
head office. So, to simplify things for management we have decided to set up
an additionaly site in AD Sites and services so that all policies, scripts,
etc., will be uniform and managed from headquarters. I have never set this
up before. I have hear many different opinions. I have heard from people
who say set it up at the main site, get it replicated, and then move it to
the remote site and change the IP address. I have heard other people say to
NEVER do this. So, my question is, is there an article or suggestions on how
to set up an additional site? I would be looking for a step-by-step article.
My other question is does anybody have suggestions on the best way to do
this? I appreciate your help in advance.

 

[Ryan Hanisco]

Joe,

If you had a lot of sites to build, I would say follow the Microsoft Branch
Office guide. With only one, your best bet is to build it in the subnet
that it is going to reside. Mind you, this doesn't mean that it has to be
built on site.. Maybe just configure a VLAN that masquerades at the
destination subnet.

There is also a tool that helps you to move a DC across subnets. Frankly,
this doesn't sound like trouble but can leave the AD and DNS a mess. It is
just easier to promote it in the subnet that it is in. I would get it all
set to go, but as a member server.... send it to the final location with a
pre-configured IP address, and then terminal into it to dcpromo the server.

Its not worth the stress and bother of doing the move when you can;'t be
100% sure of it and don't have the need to roll a bunch of them out (With
the branch office deployment and static images of the AD).

 

[Guest]

So you are saying to just set it up as a member server using the IP Address
that it will use in the live environment. Move it out to the live
environment and run DCPROMO? So, since I am new to this, when do I set up
the sites in AD Sites and Services? How do I do this? Do I have to set this
up at both locations or will they replicate? Any help or suggestions would
be much appreciated! Thanks.

 

[Ryan Hanisco]

Joe,

You will set up sites and services before you promote the DC... When you
promote it, it will see what subnet it belongs in and be assigned to the
correct site. Of course, you will want to confirm this and test replication
using REPLMON.

As to configuring Sites and services, as well as setting the server as a GC,
take a look at the knowledgebase.

http://www.microsoft.com/resources/...roddocs/en-us/dssite_site_settings_topics.asp

 

[Guest]

Ryan,

Forgive me for being so ignorant on this, but I just want to verify that I
have the steps down so that things go smoothly during the install. This is
what I am thinking of doing:

1. Set up the server as a member server at the main office(Wisconsin).
2. I am traveling to remote site, so bring server to remote site(IL) and
change IP address to correct subnet that matches what I have already set up
in AD Sites and Services.
3. Run DCPromo on the new server. This will upgrade it from a member server
to an AD server and it will automatically place itself in the correct site
due to its IP Address.
4. Set the server as a GC(I will accomplish this via AD Sites and services,
clicking on the new domain controller that I just promoted and checking the
Global Catalog Box)
5. Verify replication is working(Utilize replmon)

Questions -
1. In theory, should all replication occur automatically without any other
configuration? Not only AD, but also Login Scripts, Policies, Etc?
2. Do I set up DNS to replicate with each other or does this happen
automatically?
3. There will be a single AD Server at each site now. Do they point to
themselves for DNS? Do I configure them to point to each other for secondary
DNS Address?
4. Is there anything I am missing?

Thank you again.

 

[Ryan Hanisco]

You have the steps in your head correctly.

To answer your questions:
1.Yes. The FRS is used to synch the logon scripts, policies, Sysvol, and
the like.
2. AD integrated DNS will replicate with the domain. With server 2003 there
is a change in the replication as it is in its own partition.

Take a look at this link as a starting point for more info there:
http://www.microsoft.com/resources/...docs/en-us/sag_dns_und_active_dir_storage.asp

3. DCs always point to themselves for their DNS. They should then have a
forwarder to the core DNS at your home office and then one to your external
DNS resolver.
4. Remember to install the support tools and use Netdiag and DCDiag to
verify that everything is working and healthy. This isn't a scary or
complicated process, but I am for things being 100% right the first time.
Its cheaper to do things slowly and correctly than to do them twice.

 

[Guest]

Thank you very much Ryan for all your help. It is much appreciated.

Joe