Sites and Services question

  • Thread starter Thread starter W C Hull
  • Start date Start date
W

W C Hull

We have a Domain Controller located in an office out east and although the
office is going to remain open we can no longer justify a domain controller
be located on site. When we shut down the DC we want to take the addresses
for the offices and move them to another DC in an adjacent state. Here is
the issue......

We currently use the site code value in the logon script to determine proxy
settings for the office. In the current environment we have two separate
site codes and set the proxy settings based on site code detected. If we
consolidate one site into the other then we will end up with two different
proxy settings but only 1 site code. Is there any way to move this address
range from one DC to another and still maintain separate site code values in
Active Directory?

Any insight would be appreciated.

Thanks!
 
When you remove the DC from the site, you don't have to remove the site
from AD. It can stay there and then AD will automatically configure the
next closest site to cover that site within DNS so clients will start
flowing over to the next closest site.

So assuming your site metrics are configured properly things should be
good and the sites that the machines are in will remain the same, only
the reported site for the DC will vary.

So for example, say you have a hub and spoke configuration, if you
remove a DC from a spoke, the hub DCs should automatically start
covering the spoke site assuming you configured the site link between
the hub and the spoke properly.

Once you remove the DC, start using nltest and nslookup to verify what
is covering that site then.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm
 
Joe,

Thanks for the reply. Also please excuse my ignorance as I don't really
deal with the sites and services stuff, another guy in my department
does.....

OK.... Help me out......

Lets I have domain controllers in the following states:

IL, MN, WA, CT, MA GA, VT and lets say that in VT and MA the DC's are being
removed. When you referred to site metrics being setup what do you mean?
We want the VT and MA offices to use the DC in CT for logging on. DHCP, DNS,
etc.
 
By site metrics, I mean the site links and the costs between the sites.
If you haven't defined any site links and costed them, then everything
is connected by the default site link and any DC in the domain could be
used. This isn't optimal for configuration as it impacts replication as
well and would mean that any DC can replicate with any other DC because
they are all identically available over the network. This would be
unusual unless you have some sort of mesh network topology where
everything goes into a cloud and no site has to hop through another site
to get to a third site. Usually companies have some sort of hub and
spoke configuration or spanning tree for network (i.e. to get to Site C
from Site A you have to go through Site B) and the site links need to
reflect that properly.

As for DHCP, it will depend on whether or not you have set up the
routers to send the DHCP broadcasts across the WAN to the other site so
that the other site can service the requests.

DNS configs should come down from the DHCP server.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm
 
Joe,

Thanks again. Well I think that what you have described is what we have
(i.e. the big cloud). In our environment, every site can get to any other
site without having to jump though another site to get there. As previously
stated we currently have a DC in our Maine office and Mass. offices but the
DC's in Maine and Mass will be going away. DNS and DHCP are not required to
be run on a DC so we are going to install those services on a member server.
We want the clients in these offices to use the Conn DC as their logon
server but still retain their Site Codes they have now when we pull the
DC's.

As previously stated, everyone is in the big cloud but if we go ahead and
setup the site links between the Conn office and the Mass and Maine offices
what will that do to us from a DC replication standpoint? Will this force
replicaitons to have to pass though Conn to get to Maine and Mass? What
happens if the Conn DC happens to be down due to a power outage as far as
Active Directory is concerned? Can yo sent up secondary (alternative) links
or just one link between one office and its next higher hub.
 
Replication will flow across the least cost site links for the domain
connection. As long as you don't disable site transitivity, if something
is missing in between (and there is real network connectivity between)
then the replication will reroute in event of a problem. I really
recommend you pick up the book in the signature and read the section on
sites and replication.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm
 
Back
Top