I have a question about the Active Directory.
I have two 2008r2 DC in my office (1 domain only), the DCs running the replication to each other, and the network of my office is 192.168.1.0/24. Now, we have new branch office soon, and the network IP is 192.168.2.0/24, and connect to main office by vpn in the firewall, and the new office have not any server.
My question is:
If I want the PC which located at new office to join the domain, is it create the new IP subnet only or need create the new site in “”Active Directory Sites and Services””
What is the DNS IP of the PC in new office, is it assign the IP of main office DC?
1) Strictly you should add the subnet to the existing AD site, but in fact you could get away without adding it. It is only important when you have multiple AD Sites (a location with a DC in it)
2) Yes (or you could not find corporate resources)
Note you may well need to add a route from the branch office to the main office (ROUTE ADD 192.168.1.0 MASK 255.255.255.0 -p. I know the router/firewall VPN should take care of this, but WIndows is an awkward beast…..
Also you could well find performance is much better if you commissioned a DC (even an RODC) in the branch office