Sites Setup and Connectivity

[Enrique]

I am in the process of connecting 5 sites. One site is not
behind a firewall and the other 4 are.

The site that is not behind a firewall will be housing the
Domain controller for the domain. I want the other 4 sites
to connect and replicate data and be child domains to the
existing domain.

All these sites are connected via a T1 line. How do I go
about joining the domain at Site 1 from the other sites?
Do I need to open any particular ports from the sites
behind the firewalls? How do I tell DCPROMO.exe where to
find the DC at the remote sites?

Also, the main site with the DC has a public IP where the
other sites all maintain private IPs. Any and all
suggestions to this situation would be greatly appreciated.

Thanks,

Enrique

 

[ptwilliams]

Whether or not you're going to need to open ports on the f/w depends on how
you are connecting through it -VPN no, normal AD traffic yes.

For a list of ports see this article:
http://support.microsoft.com/?kbid=150543

I assume that all of these sites are internal? If so, there isn't a
problem. Nor will there be one with a public address, unless the public
address is truly public in that it can be accessed from the Internet. What
IP addresses you use don't matter, as long as the subnets are correctly
defined.

You configure the subnets in AD Sites and Services, and then assign subnets
to sites. With this done, when you run dcpromo, your machine will
'discover' what site it is in and assign itself to that site.

You will need to establish site links. Once these are setup let the ISTG
([Inter] KCC) generate the appropriate connection objects -don't create
manual ones.

The main thing is to get DNS up and running properly before anything else.

Post all of your questions and concerns...and we'll get you through this
endeavour ;-)


Paul.
____________________________