[ActiveDir] AD/ Sites Services

2005-10-16 Thread rania
Dear All,

I have here in my company 2 separate locations: the first one is the Head
Office, the second one is the Private Office.

The Head Office has one single network with this range of IP addresses
(70.0.0.X / 255.255.255.0).

We have wireless point-to-point between the 2 locations.

The Private Office also has one single network with the same range of
IP addresses as the Head Office, which is (70.0.0.X / 255.255.255.0).

All of them are in a workgroup, with no domains at all.

What we need is to create a domain and to provide users with
authentication from the domain by using user name & password.

My question is here, I am really confused about what I should follow:

1- Should I follow a single site for the 2 locations & each site will be
represented by a subnet, so I will have 2 subnets in one site?

Or

2- Should I follow multiple sites with at least one subnet in each site, and
each site will represent the location itself?

I am really confused.

As I know, the site is used for replication, so I want to simplify the
replication itself.

CAN ANYONE GUIDE ME TO THE BEST OF IT.

Best Regards,
RANIA SAMEER.
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/


RE: [ActiveDir] AD/ Sites Services

2005-10-16 Thread Rick Kingslan
Simple and most forward answer is to create two sites - one for each
location, with associated subnets assigned to each site.

The longer answer is related to how many users in each site, how fast (in
AVAILABLE THROUGHPUT) is the connection between, and are you intending to
put at least one DC in each physical location.

So, hopefully more answers are forthcoming.

Rick [msft]
--
Posting is provided AS IS, and confers no rights or warranties ...
 



RE: [ActiveDir] AD/ Sites Services

2005-10-16 Thread rania
Thanks for your reply.
I heard that one site is more than enough & in order to facilitate the
replication & it will be intra-replication.

I will put another DC in the other location as well that will work as child
domain controller.

The total users in the first location is 30 users.

The total users in the second location is 15 users.

I prefer to have one site & 2 DC in each location.

What do you think, am I correct or wrong?





RE: [ActiveDir] AD/ Sites Services

2005-10-16 Thread Almeida Pinto, Jorge de
Hi Rania,

One forest with one domain should do it for you, and make all DCs a GC.

The site and replication topology is used:
* By DCs so they know which DC to replicate with within a site and between
sites
* By clients/servers to find the nearest DC for authentication, GPOs, etc.

Now we need to define "nearest".

The clients get the nearest DC by querying DNS. If the clients don't know what
site they are in (mostly when joining) they ask DNS: "give me a DC for domain
X". If they have discovered the site they are in they ask DNS: "give me a DC
for domain X in site Y".

In your situation, having 2 locations separated by a wireless connection, you
have the following possibilities:
(1) Create 1 overall site for both locations and assign the subnets of the
locations to that site
(2) Create 2 sites, one for each location, and assign the subnets of each
location to the corresponding site

(1)
The answer to the queries "give me a DC for domain X" and "give me a DC for
domain X in site Y" is the same. Assuming you have DCs at both locations, a
client in location A can be serviced by a DC in location A and B. So
authentication across the wireless connection is a possibility! I don't think
you want that.

(2)
Assuming again you have DCs at both locations, the queries "give me a DC for
domain X" and "give me a DC for domain X in site Y" will have different
answers. In this case the client will be authenticated (etc.) by a DC local
to its own site.

A best practice and highly recommended is to have AT LEAST 2 DCs for each
domain and also to back up AT LEAST 2 DCs for each domain.
In your case it is unknown to us how many users you have in your organization
(at both locations) so it is difficult to say how many DCs each location should
get.
* If you always need authentication within a site in the situation a DC might
crash, use 2 DCs for each location. Might be rather expensive if the
organization is small
* If you have a location with many users and a location with few users you
could install 2 DCs at the many users location and 1 DC at the few users
location. If one of the DCs in the many users location drops dead you still
have the second DC to authenticate locally. If the DC in the few users
location drops dead you will need to authenticate across the wireless
connection
* If both locations have not that many users and you want to spend that much
money on DCs, you could install just 1 DC at each location where each DC must
be able to service users/clients/servers in both locations if one of the DCs
drops dead.

From what you have told us and what I have read I think the following would be
OK:
* 1 DC at each location
* 1 AD site for each location
* Assign subnets of each location to its corresponding AD site
* Use the default IP site link and assign both sites to it and configure the
site link accordingly for replication between the sites (cost, schedule,
interval)
* Combine DC, DNS, WINS, DHCP on one server and if needed wanted setup DHCP
redundant using the 80/20 rule

I hope this takes away your confusion

Cheers,
Jorge
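
The two designs described above, modelled as an added example (not code from any poster in this thread): it builds the DNS SRV names a client asks for, domain-wide and per site, and shows which DCs a client can be handed under one site versus two. Site names, DC host names and the second subnet 70.0.1.0/24 are assumptions; the thread gives both offices the same 70.0.0.X range, and a subnet object can be assigned to only one site.

```python
import ipaddress

DOMAIN = "mydomain.com"  # sample domain name

def srv_name(domain, site=None):
    """DNS name queried for a DC: domain-wide, or restricted to one site."""
    if site:
        return f"_ldap._tcp.{site}._sites.dc._msdcs.{domain}"
    return f"_ldap._tcp.dc._msdcs.{domain}"

def build_zone(domain, dcs_by_site):
    """SRV data as registered by the DCs: every DC appears under the
    domain-wide name and under the name of the site it belongs to."""
    zone = {srv_name(domain): []}
    for site, dcs in dcs_by_site.items():
        zone[srv_name(domain, site)] = list(dcs)
        zone[srv_name(domain)].extend(dcs)
    return zone

def site_for_ip(ip, subnets):
    """Site of the most specific subnet object containing ip, else None.
    Simplification: in AD a DC does this lookup and tells the client."""
    addr = ipaddress.ip_address(ip)
    nets = [(ipaddress.ip_network(n), s) for n, s in subnets.items()]
    hits = [(n, s) for n, s in nets if addr in n]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def locate_dcs(ip, subnets, zone, domain=DOMAIN):
    """Return (site, candidate DCs) for a client with this IP address."""
    site = site_for_ip(ip, subnets)
    return site, sorted(zone[srv_name(domain, site)])

# Constructed topologies. 70.0.1.0/24 is an assumed renumbering of the
# second office so that the two locations can be told apart by subnet.
ONE_SITE = {  # option (1): one site holding both subnets and both DCs
    "subnets": {"70.0.0.0/24": "Company", "70.0.1.0/24": "Company"},
    "zone": build_zone(DOMAIN, {"Company": ["dc-head", "dc-private"]}),
}
TWO_SITES = {  # option (2): one site, one subnet, one DC per location
    "subnets": {"70.0.0.0/24": "HeadOffice", "70.0.1.0/24": "PrivateOffice"},
    "zone": build_zone(DOMAIN, {"HeadOffice": ["dc-head"],
                                "PrivateOffice": ["dc-private"]}),
}

def compare(client_ip):
    """Candidate DCs for one client under both designs."""
    return {name: locate_dcs(client_ip, d["subnets"], d["zone"])
            for name, d in (("one_site", ONE_SITE), ("two_sites", TWO_SITES))}

if __name__ == "__main__":
    # 70.0.1.25: private-office client; 192.168.5.9: no subnet object matches
    for ip in ("70.0.0.25", "70.0.1.25", "192.168.5.9"):
        for design, (site, dcs) in compare(ip).items():
            print(f"{ip:<12} {design:<9} site={site} candidates={dcs}")
```

A client whose address matches no subnet object falls back to the domain-wide name and can be handed a DC on the far side of the link, which is also what happens to a private-office client left on 70.0.0.X when that subnet is assigned to the head-office site.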
 




RE: [ActiveDir] AD/ Sites Services

2005-10-16 Thread rania

Thanks for your reply.

Your reply is more than perfect & really you are very helpful.

Actually, I do not want the user authentication to be done over the wireless
link.

I mean the user in Location A, when he will log in in the morning, I want him
to go and speak to the DNS which is located in the Factory and then the DNS
will reply to him by giving the DC which is located in the Factory.

So I do not want the authentication traffic to travel from Location A to
Location B.

2- I have in Location A, which is the Head Office, 30 users with this domain
name (MYDOMAIN.COM), and we bring 2 domain controllers to work as backup in
the Head Office.

3- In the FACTORY, or LOCATION B, I have 20 users and a child domain with
this name (child.mydomain.com) and one domain controller only in this
location.

4- I am unable to imagine exactly how I can do that, so can you guide me to
this?

5- Is there any software I can use to trace the traffic and see that this user
is now talking to this DNS and asking for the domain controller?





RE: [ActiveDir] AD/ Sites Services

2005-10-16 Thread Almeida Pinto, Jorge de