Domain question

M

Mart

I work in a small office with about 20 PC's configured in one domain
with an AD controller.

We now have a remote site with about 5 PC's connected via a leased
line and routers. The main site is on 192.168.254.x while the remote
site uses 192.168.253.x.

We are now planning on putting the remote site on its own domain with
an AD controller, so those logging in at the remote site will login to
the AD Controller on that domain instead of the main site domain.

I am confused as to whether this needs to be setup as a new domain in
a new forest, or a new domain tree in an existing forest.

Any tips would be appreciated.

Thanks,

mart
 
D

Dennis Burgess

Does the users at site 2 need to access site 1 server?

If so, just drop in another controller in site 2, if yo uwant to move it to
another domain, put that domain in the same forest so that you can enable a
trust.

Dennis
 
R

Richard G. Harper

Either way would work - or if you can tunnel and VPN between the sites you
might just put everyone in one domain and point each PC to its local domain
controller, using routing and WINS to allow connectivity between the two
sites.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm
 
P

Phillip Windell

No. You keep the same single domain. Add an additonal DC (same domain) at
their location. Make use of the "Sites" in AD to control how the DC's
replicate over the slow WAN link. That is one of the jobs of the AD "Sites"
object.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
 
M

Mart

No. You keep the same single domain. Add an additonal DC (same domain) at
their location. Make use of the "Sites" in AD to control how the DC's
replicate over the slow WAN link. That is one of the jobs of the AD "Sites"
object.
Click to expand...

This looks they way to go. Could you kindly give me a little
information on how to do this or point me in the right direction
please.

Could you just clarify, what we would like is for users at site 1 to
authenticate against AD controller on site 1, and users at site 2 to
authenticate against AD controller on site 2.

If the WAN link was to go down, these sites should still work
independently.

Thanks
 
P

Phillip Windell

Mart said:
This looks they way to go. Could you kindly give me a little
information on how to do this or point me in the right direction
please.
Click to expand...

I have no "how-to's". you caould search for the information on
http://search.microsoft.com/search/search.aspx
Could you just clarify, what we would like is for users at site 1 to
authenticate against AD controller on site 1, and users at site 2 to
authenticate against AD controller on site 2.
Click to expand...

The Users will automatically use the DC that is in the same "AD Site" that
they are in themselves.
If the WAN link was to go down, these sites should still work
independently.
Click to expand...

That is correct, just the DCs won't do any replication until the link comes
back up and you obviously couldn't access resources on the opposite
end,...but the local Site would continue to work within itself.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

VPN server without domain controller 0
Logon Failure:Target account name is invalid 0
How to create child domain in a different network? 3
Multi forest and Citrix farm 1
Difficulty joining domain across site to site VPN 1
cannot contact a domain controller 2
how to close out a remote office/domain 3
policies 1

Top