Two Servers, Two Sites, One Domain.

Home Forums Server Operating Systems Windows Server 2008 / 2008 R2 Two Servers, Two Sites, One Domain.

This topic contains 6 replies, has 6 voices, and was last updated by Avatar nstyjohnny 9 years, 3 months ago.

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
  • Avatar

    Hello All,

    I am new to this forum and pretty new to the Server 2008 setup.

    I will start with an outline of what I am troubled with.

    I work at a company which has a single server, with Active Directory, DNS, DHCP etc and around 50 users. We opened a another little “office” the other side of town (5 miles) and 22 of the 50 users login over there using VPN to access our intranet and shared resources.
    When users login using VPN, it rather slow and just recently unreliable.

    Now here is where I am confused –

    We are closing down for a week (starting 5th July) and I have decided to format the server (running slow and alot of reconfig required anyway, its easier for format). Now once I have set up the Domain again I would like another server (with the same domain name preferably) at our other office so users can login alot quicker, have access to the intranet and shared resources.

    I have read something, somewhere about domain replication, but a little confused on how the setup would work.

    I would like to achive something like this –

    …..OU – Main office
    ……….OU- Accounting
    ……….OU- HR
    …..OU- 2nd office
    ……….OU- Marketing
    ……….OU- Support

    (Users & computers of each department go in the correct OU)

    and be able to replicate this to the other server at the smaller office. So say a user forgets their password, I can navigate to their OU and reset it. Now if they are at the smaller office (And i am based at the larger office) the password reset still takes place if that makes sense.

    Many Thanks for any help in advance.

    Daimian P Williams


    Re: Two Servers, Two Sites, One Domain.

    I can tell you this is a very common setup so yes it’s possible.

    There isnt much complex configurating to do really; just make sure both server join the same domain.

    Make sure they have a connection through your internet line (dedicated?)
    Open site and services snapin, specify the 2 network ranges for your sites 1 for each location, they cannot be the same ofcourse.

    Create sites last make sure the site use the correct ranges, put the server in the correct site et voila.

    You could configure both DC’s to be Global catalog, so clients dont have to authenticate over the internet line. Should you decide not to, make sure you put the schema master role on the server which is not the GC.

    Good luck


    Re: Two Servers, Two Sites, One Domain.

    Hello Silver23,
    Many thanks for your response.

    A few things, just to clear my mind:-

    • A Dedicated Internet Connection – This maybe a issue, is it possable without this at all?
    • Specify Network Ranges – Are you talking about subnets within AD sites and services? If not, how do I do this?
    • I will configure both servers to be GC’s – Again, how do I go about this.

    The way I am thinking of this is –

    1. Format Both Server’s, fresh installation on Windows Server 2008 Enterprise on both.
    2. Insall Active Directory servers one of the servers (New Forest)…
    3. Create OU’s and Users

    Thats where I am then stuck,

    Do I then install Active Directory on the second server, within an exsisting forest? Is it then a child Domain? Or do I join it to the domain like a workstation would (Right Click “My Computer”, join to domain)

    Once I have set up the second server, do the OU’s and User’s I have created automatically transer to the second server?

    Oh and one other thing, do I do this locally. (Both Servers same network then move the second server to the other office)

    I am so sorry there is so many questions here, but I really do appreciate you help.



    Re: Two Servers, Two Sites, One Domain.

    Dedicated connection is not required as long as you can establish a VPN — most decent routers will allow this

    Set each site to a different subnet (e.g. 192.168.0.x for one, 192.168.1.x for the other, subnet mask at each to keep them separate

    GC is a tick box only — go into ADSites&Services…site…dc…ntds settings, right click and select properties)

    Its up to you if you do it at the main office — operation will be quicker but then you will have to move the server in ADSS

    You should also make each DC a DNS server (mandatory on the first) and add the DHCP role


    Re: Two Servers, Two Sites, One Domain.

    Sorry for the delay in posting back, I went away for work.

    Ok, so the 5th of July (When I will be setting this up) is approching fast. :roll:

    So I format both the servers, put Server 2008 on both, set up the same domain name on both.

    Then create the “site”…..

    the VPN connection will allows the two server to “talk” to each other and the replication (password changes etc) with be sync though the VPN….

    Have I got the right?

    Thanks for your help!!



    Re: Two Servers, Two Sites, One Domain.

    Yes, you’re mostly right.

    Get your VPN setup and tested first, so you know you can communicate between the two sites. Make sure each site has a separate subnet, as ossian pointed out.

    Once you have configured the two Active Directory servers, you need to create a new site using Active Directory Sites and Services.

    You should also create a subnet entry for each site, and make sure it has been attached to the correct site. Then, move each DC into the relevant site.

    See this link for a bit more information. It says 2003, but it should be very similar for 2008.


    Re: Two Servers, Two Sites, One Domain.


    Can I just clarify one point

    “So I format both the servers, put Server 2008 on both, set up the same domain name on both.”

    You do format both of the servers, and you do install Windows 2008 on both, then you make one of these servers a domain controller.

    Once your VPN is connected and the two servers can see each other, you then need to DCPROMO the second server within the domain of the 1st server.

    Just in case you were going to DCPROMO both to the same name and then wondered what was going wrong.

    Sorry if I am pointing out the obvious.


Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.