No announcement yet.

Help needed with second site

  • Filter
  • Time
  • Show
Clear All
new posts

  • Help needed with second site


    hopefully someone here can give me some advice or direction with my problem

    I have a site (Site A) with a
    Dell Win2003 server standard R2
    running an active directory domain controller.
    The users on this site use roaming profiles situated on the server
    All works nicely.

    I have a 2nd remote site (Site B)

    Between the sites I have a VPN working nicely with 2 Netgear routers this works fine when both the links are active

    What I am doing at the moment
    The customer when I put this together could not afford a second server for Site B

    Users at Site B authenticate over the VPN with the Site A server(works nicely)

    I then took a Windows XP machine at site B, Set my group policy folder redirection on the Active Directory server to point Site B users profiles at appropriate shares on the XP Computer at site B so they did not have to go over the internet to retrieve there user data.

    I know all this is a bit unorthodox but it does work nicely Until The VPN link goes down (this happens periodically ISP issue)

    I assume its because the users lose connection to the authentication server

    When this does happen Site B users desktops just disappear and I get a lot of phone calls as soon as I re establish VPN all works again no problem.

    Site A users are unaffected

    I persuaded the customer to purchase a second server for Site B

    I don't want to have to create a whole new domain at site B as I would have to un join all the Client machines from the current domain and add them to a new domain.

    I was hoping I could do it all from the servers

    So my question is what's the best solution

    I have done a bit of digging and think maybe I need to do

    Active DirectoryŽ Lightweight Directory Services (AD LDS) replication

    or do I create another domain and put trusts in between them

    I have not done either of these two things before so any step by step guides you know about would be useful

    Sorry its long winded but hopefully you guys wont have to ask me for too much more information in order to advise me



  • #2
    Re: Help needed with second site


    The easiest thing to do would be to create a domain controller out of the new server in Site B and configure a separate site within active directory. What the site will do is allow for local authentication for users in Site B without the need of crossing the VPN tunnel. Also, depending on the amount of users at Site B and the speed of your VPN connection you may want to use Universal Group Membership Caching, which will save on the amount of replication/authentication traffic crossing the VPN.

    These links may help:

    Link 1

    Link 2

    Hope this helps!

    Last edited by VWA4; 12th November 2009, 05:17.


    • #3
      Re: Help needed with second site

      Thanks for the fast reply and the links

      I was looking at that yesterday also

      as I said never done it before

      wish me luck i will be implemementing this in the next 7 days

      Thanks again


      • #4
        Re: Help needed with second site

        I have posted a link to some screenshots i created

        does it look right

        at this point there is no server at the second site and is it OK to just rename the sites