Title: RE: [ActiveDir] AD Design Guidance

> If you have more than one DC, the GC should not be on the
> same server as the Infrastructure Master.
> This can cause replication problems.

More correctly - if you have more than one DOMAIN.  If you have multiple DCs in a single domain, the GC and Infrastructure master CAN reside on the same box.

It's when we get into the multiple-domain scenario that this becomes a problem.  The issue is because of the information that the GC contains (summary of all information in the forest) and what the Infrastructure master does - updates other domains about information that is contained in its domain.  So, if the GC already has the information and resides on the infrastructure master, the cross references are never made because the GC already holds the information that the Infrastructure master would update.  Hence, the updates are never made.

Rick Kingslan  MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
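
An added example, not part of the original message: a PowerShell check for the placement described above, reporting for each domain whether the Infrastructure Master holder is also a GC in a forest with more than one domain. It assumes the ActiveDirectory module (RSAT) is installed; the function name `Test-InfrastructureMasterPlacement` and the output column names are hypothetical.

```powershell
# Added example; requires the ActiveDirectory module (RSAT) and read access to the forest.
Import-Module ActiveDirectory

function Test-InfrastructureMasterPlacement {
    [CmdletBinding()]
    param(
        # Forest to inspect (DNS name); defaults to the forest of the logged-on user.
        [string]$ForestName = (Get-ADForest).Name
    )

    $forest = Get-ADForest -Identity $ForestName
    # Per the thread, placement only matters once the forest holds more than one domain.
    $multiDomain = @($forest.Domains).Count -gt 1

    foreach ($domainName in $forest.Domains) {
        $domain = Get-ADDomain -Identity $domainName -Server $domainName
        $dcs    = @(Get-ADDomainController -Filter * -Server $domainName)

        # InfrastructureMaster is the DNS host name of the role holder.
        $holder = $dcs | Where-Object { $_.HostName -eq $domain.InfrastructureMaster }
        $nonGc  = @($dcs | Where-Object { -not $_.IsGlobalCatalog })

        [pscustomobject]@{
            Domain                 = $domain.DNSRoot
            InfrastructureMaster   = $domain.InfrastructureMaster
            HolderIsGC             = [bool]$holder.IsGlobalCatalog
            # Condition described in the thread: multi-domain forest, role holder is also a GC.
            FlaggedByThreadRule    = $multiDomain -and [bool]$holder.IsGlobalCatalog
            # Extra context, not from the thread: DCs in this domain that are not GCs.
            NonGCDomainControllers = $nonGc.HostName -join ', '
        }
    }
}

Test-InfrastructureMasterPlacement | Format-Table -AutoSize
```

In the single-domain forest described in this thread, `FlaggedByThreadRule` is `False` for the one domain even though the role holder is a GC.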





> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]] On Behalf Of
> Chuck Robinson
> Sent: Saturday, March 01, 2003 5:28 AM
> To: [EMAIL PROTECTED]
>
> If you have more than one DC, the GC should not be on the
> same server as the Infrastructure Master.
> This can cause replication problems.
>
> Chuck
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]] On Behalf Of Friese, Casey
> Sent: Friday, February 28, 2003 3:01 PM
> To: [EMAIL PROTECTED]
> Subject: RE: [ActiveDir] AD Design Guidance
>
>
> Chuck,
>
> Both sites are subnetted uniquely:
> Site A being 10.64.x.x - 255.255.0.0
> Site B being 10.128.x.x - 255.255.0.0
>
> As far as I know the FSMO role lies solely with the
> server in Office A. Office A, the HQ, is of course a GC and
> there is one in Office B where our Datacenter is.
>
> -----Original Message-----
> From: Chuck Robinson [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, March 01, 2003 2:51 AM
> To: [EMAIL PROTECTED]
> Subject: RE: [ActiveDir] AD Design Guidance
>
>
> Also,
> Do you have your Sites and Subnets setup correctly?
> How are your FSMO Roles divided?
> Where are your GC's?
>
> Chuck
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]] On Behalf Of Friese, Casey
> Sent: Friday, February 28, 2003 2:00 PM
> To: [EMAIL PROTECTED]
> Subject: [ActiveDir] AD Design Guidance
>
>
> I have uncovered what I believe is a problem with our Active
> Directory design.  I'm looking for assurance that it is
> indeed a problem judging from the symptoms that I am seeing
> and I'm also looking for recommendations on how to correct it.
>
> I've walked into the company just weeks after a consultant
> started implementing the AD design.  Now, 8 months later and
> 10 servers later I believe that the design is flawed.  Here
> are my symptoms:
>
> Any administration activity done on the servers such as
> setting permissions/re-writing permissions, opening property
> sheets within Exchange System Manager, Viewing properties
> sheets of OU objects/group policies, etc.
> All of these tasks take a long period of time to complete or display.
>
> From the client end we see hanging connections - one moment
> a share is available, the next permission is denied or the
> connection can't be made.  Opening files from the network is
> sluggish and at times dhcp settings are lost.
>
> We have 2 offices:
> Our HQ is in office A
> Our Datacenter is in office B
>
> Office A has 1 Windows 2000 Server and was the first server
> built in the Forest.  This server is doing File/Print, DHCP,
> WINS, DNS for its location among doing its specialized
> tasks for the domain.
>
> Office B has 9 Windows 2000 Servers - among those 9 is a DC,
> 1 is an E2K server and 1 is an ISA server.  The DC provides
> file/print, DHCP, WINS, DNS for its location.  The E2K
> server is the mail server for both locations and the ISA
> server is the Firewall for both locations.
>
> Office A is connected to Office B via 256kbps Split T1 used
> for both voice and data.  Office B is connected to the
> internet via full T1 which is responsible for handling all
> internet requests.
>
> Both sites, office A and B, belong to the same parent domain
> - company.com with each client's dns set as clientname.company.com
>
> First questions: Are there any flaws with the above design?
> The most noticeable thing to me is that Office A and B
> communicate over a 256kbps shared line.  I'm not an expert with
> AD, in fact, it's new to me but from what I understand
> anything done in Office B has to go to the Head Server in
> Office A.  This is where I believe my problems lie.
>
> What I would like to do is break these two sites apart and
> have officeA.company.com and officeB.company.com - I think
> this is the correct approach but I'm not sure. My main
> concern is our Exchange 2000 Server and our ISA server
> because they're both linked heavily into the AD so totally
> redoing the design is a bit tough.  Alternatively, I have
> started entertaining the idea of moving the server in Office
> A to the Office B location making Office B the root domain
> and any new sites child domains.
>
> I apologize for the length and if I've confused anyone - I'm
> confused myself.  I just want to know if I'm blaming the
> symptoms on the right thing and how I should proceed.
>
> Thanks,
> Casey
> List info   : http://www.activedir.org/mail_list.htm
> List FAQ    : http://www.activedir.org/list_faq.htm
> List archive:
> http://www.mail-archive.com/activedir%40mail.activedir.org/