Petri.com forums Home Forums Start Page Forums Frequently Asked Questions FAQ Member List Members List
Go Back   Petri IT Knowledgebase Forums > Server Operating Systems > Windows Server 2000 / 2003 / 2003 R2
Petri.com is happy to award RicklesP the title of Most Valuable Member !!!
Register Calendar Calendar Search Petri IT Knowledgebase Forums Search Todays Posts Today's Posts Mark Forums Read
Notices

PLEASE HELP - Setup Branch Office

PLEASE HELP - Setup Branch Office

this thread has 15 replies and has been viewed 7053 times

Closed Thread
 
Thread Tools Search this Thread Display Modes
  #1  
Old 13th August 2009, 09:12
woodgrain's Avatar
woodgrain woodgrain is offline
Casual
It's not a coincidence
 
 Join Date: Jul 2009
  6 month star 12 month star
 Location: Sydney, Australia
 Posts: 90
 Reputation: woodgrain is on a distinguished road (24)
Exclamation PLEASE HELP - Setup Branch Office

I've been asked to setup a 2nd site to our office, I've never done this before, only done internal servers, so could really use some help.

There will be a firewall device at each end that will establish a site to site VPN for connectivity between the 2 sites.

How should I configure each site?

I know this will vary from site to site, I know this, I'm just wanting to learn the min requirements to make it all work, I can look at customising for our needs later. I'm after quite ganular information, ie, the order to set up each component & how to do it, click by click.
____________________________________________

Let's call them
SITE1:
- DNS: site1.company.local
- Server Name: SVR1
-
Server IP: 192.168.4.2
- 2003 domain with 2 DCs in 2003 mode
- 192.168.4.0/24
- VPN/Router/Firewall/Gateway IP: 192.168.4.1
SITE2
- DNS: site2.company.local
-
Server Name: SVR2
- Server IP: 192.168.5.2
- 192.168.5.0/24
- VPN/Router/Firewall/Gateway IP: 192.168.5.1
____________________________________________
I've included as much info as I can think of, let me knwo if you need any other details (or feel free to make up details for the scenario).

Components that come to mind are:
* Domain Controller setup
* Forest/domain setup
* DNS
* AD Domains & Trusts
* AD Sites & Services

Thanks very much for any help, I'm in a really tight bind here!
  #2  
Old 13th August 2009, 10:34
anil.colaco anil.colaco is offline
Casual
Casual
 
 Join Date: Dec 2007
  6 month star 12 month star
 Posts: 7
 Reputation: anil.colaco is on a distinguished road (10)
Default Re: PLEASE HELP - Setup Branch Office

hi,

a little clarification,

are both sites being setup from scratch
or site 1 is up n running
and site2 is in deployment phase.
  #3  
Old 13th August 2009, 10:55
Ossian Ossian is online now
Administrator
 
 Join Date: Nov 2003
  6 month star 12 month star
 Location: Bonnie Scotland
 Posts: 16,717
  Send a message via Skype™ to Ossian
 Reputation: Ossian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant future (1549)
Default Re: PLEASE HELP - Setup Branch Office

You will need to tell us the make and model of your firewall devices, and I don't think anyone will give you "click by click" instructions

Have you thought of bringing in a consultant?
__________________
Tom Jones
MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
PhD, MSc, FIAP, MIITT
IT Trainer / Consultant
Ossian Ltd
Scotland

** Remember to give credit where credit is due and leave reputation points where appropriate **
  #4  
Old 14th August 2009, 01:16
woodgrain's Avatar
woodgrain woodgrain is offline
Casual
It's not a coincidence
 
 Join Date: Jul 2009
  6 month star 12 month star
 Location: Sydney, Australia
 Posts: 90
 Reputation: woodgrain is on a distinguished road (24)
Default Re: PLEASE HELP - Setup Branch Office

site 1 is up n running and site2 is in deployment phase The firewall devices are being setup by a consultant, it's just the windows configuration that I need to do.
  #5  
Old 14th August 2009, 10:31
Ossian Ossian is online now
Administrator
 
 Join Date: Nov 2003
  6 month star 12 month star
 Location: Bonnie Scotland
 Posts: 16,717
  Send a message via Skype™ to Ossian
 Reputation: Ossian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant future (1549)
Default Re: PLEASE HELP - Setup Branch Office

OK --sorry
How comfortable are you setting up an additional Domain Controller in an existing site?
There really are few differences except you will set up a second DHCP server for 192.168.5.x at the second site
The only other thing is to allow plenty of time for replication -- dont be impatient!
__________________
Tom Jones
MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
PhD, MSc, FIAP, MIITT
IT Trainer / Consultant
Ossian Ltd
Scotland

** Remember to give credit where credit is due and leave reputation points where appropriate **
  #6  
Old 15th August 2009, 04:36
woodgrain's Avatar
woodgrain woodgrain is offline
Casual
It's not a coincidence
 
 Join Date: Jul 2009
  6 month star 12 month star
 Location: Sydney, Australia
 Posts: 90
 Reputation: woodgrain is on a distinguished road (24)
Default Re: PLEASE HELP - Setup Branch Office

I've setup multiple DCs internally before, that's no problem as most of that is automated, but for a branch site I'm not sure how to configure DNS, forwarding, sites & services, domains & trusts, subnets, etc? I've only ever setup multi DCs in the same domain.
  #7  
Old 15th August 2009, 10:23
Ossian Ossian is online now
Administrator
 
 Join Date: Nov 2003
  6 month star 12 month star
 Location: Bonnie Scotland
 Posts: 16,717
  Send a message via Skype™ to Ossian
 Reputation: Ossian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant future (1549)
Default Re: PLEASE HELP - Setup Branch Office

OK, rough summary, and will help you elaborate
On your main site DC
go to ADSS and make sure main and branch site are created, with correct subnets assigned to them
go to DNS and create reverse lookup zones (AD integrated) for each subnet
If you can, build the branch office DC and join to domain as member server but (IMHO) do not DCPromo yet

At the branch office:
Switch on new DC (still a member server) adn configure IP address to new site
Make sure new DC has main site DC as its primary DNS server
Check VPN is established and that you can ping main site DC by both names (server and server.domain.local)
DCPromo (will be slower than in one site)
In ADSS, check it is in the correct site, make it a GC and check that site links have been created from old to new and new to old (manually create them on both DCs if needed)
Create test objects in AD at both ends and wait until they have replicated to the other server - be patient
Install DNS but dont do any configuration except root hints and checking it is AD integrated
Wait, wait, wait for DNS replication to occur -- leave it 24 hours if needed
Change networking on new DC to point to itself for first DNS server and main site DC as second

Thats basically it -- someone will fill in the gaps for you
__________________
Tom Jones
MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
PhD, MSc, FIAP, MIITT
IT Trainer / Consultant
Ossian Ltd
Scotland

** Remember to give credit where credit is due and leave reputation points where appropriate **
  #8  
Old 17th August 2009, 04:34
woodgrain's Avatar
woodgrain woodgrain is offline
Casual
It's not a coincidence
 
 Join Date: Jul 2009
  6 month star 12 month star
 Location: Sydney, Australia
 Posts: 90
 Reputation: woodgrain is on a distinguished road (24)
Default Re: PLEASE HELP - Setup Branch Office

Thanks for that overview.
I'm in the process of setting up a Windows Virtual Server to run a test setup (just having some difficulty getting the virtual server networked with the host..).

Below is what I originally noted down as my plan of attack, I will compare it with what you mentioned & post any questions, but from a quick read it looks similar, I was just adding more detail when I put it together.

Feel free to do the same by posting comments, corrections, or reordering.
Thanks for your assistance.
_____________________

* Install Windows Server (2003 std)
* Establish the VPN connection
* Ping SITE1
* Promote the server to DC with DNS AD integration
* Set the DNS as an AD Interated secondary server
* Configure DNS conditional forwarding for site1.company.local and company.local to go to SITE1 DNS server to resolve. (Clients would only need to be configured to point to the local DNS).
* ADDT (at both sites) - RC domain name - Properties - Trusts - New Trust - "site1.company.local" - Next - Trust with a windows domain - "site1.company.local" - finish
* ADSS ?? I'm sure we'd have to setup something here?!
* Rename "Default-First-Site-Name" to "SITE2-company-local"
* RC Sites - New Site - name "SITE1-Company-local" - select "DefaultIPSiteLink" - OK
* Under the new site RC Servers - New-Server - "SVR1.SITE1.company.local" - OK
* RC Subnets - New Subnet - 192.168.4.0/24 - Select "SITE1-Company-local" - OK
* RC Subnets - New Subnet - 192.168.5.0/24 - Select "SITE2-Company-local" - OK
* I'm not sure what to do with "SITE2-Company-local" - Servers - RC SVR2 - Properties - Transports?
* "SITE2-Company-local" - Servers - SVR2 -RC NTDS Settings - New AD Domain Services Connection - Select SVR1 - OK
  #9  
Old 17th August 2009, 09:43
Ossian Ossian is online now
Administrator
 
 Join Date: Nov 2003
  6 month star 12 month star
 Location: Bonnie Scotland
 Posts: 16,717
  Send a message via Skype™ to Ossian
 Reputation: Ossian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant futureOssian has a brilliant future (1549)
Default Re: PLEASE HELP - Setup Branch Office

Most of what you are doing looks similar except
Quote:
ADDT (at both sites) - RC domain name - Properties - Trusts - New Trust - "site1.company.local" - Next - Trust with a windows domain - "site1.company.local" - finish
Are you wanting 2 domains (company.local at main site and site1.company.local at remote site)?
If so, WHY? -- you do not need a new domain for an additional site
__________________
Tom Jones
MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
PhD, MSc, FIAP, MIITT
IT Trainer / Consultant
Ossian Ltd
Scotland

** Remember to give credit where credit is due and leave reputation points where appropriate **
  #10  
Old 17th August 2009, 10:08
woodgrain's Avatar
woodgrain woodgrain is offline
Casual
It's not a coincidence
 
 Join Date: Jul 2009
  6 month star 12 month star
 Location: Sydney, Australia
 Posts: 90
 Reputation: woodgrain is on a distinguished road (24)
Default Re: PLEASE HELP - Setup Branch Office

Yeah, fair enough.
I was planning on setting up a 2nd domain as the rate of growth is quite large. I guess I could look at setting up a 2nd domain later if the rate of growth continues. They are in different states too.
Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
LDAP lookups on branch office servers 81reaper Active Directory 4 19th June 2009 10:31
New branch office with new server. How? costasppc Windows Server 2000 / 2003 / 2003 R2 7 31st January 2009 17:55
Branch office DNS ITLondon Windows Server 2000 / 2003 / 2003 R2 6 4th December 2008 05:13
VMWare ESX for branch office tech.support.b VMware Virtualization 10 26th November 2008 21:05
Setting up branch office jeffaz Misc 6 14th April 2007 02:01


All times are GMT +3. The time now is 11:11.

Steel Blue 3.5.4 vBulletin Style ©2006 vBEnhanced
Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
 

Valid XHTML 1.0!   Valid CSS!

Copyright 2005 Daniel Petri