Additional domain controller in remote site
-
@Dashrender said:
@IT-ADMIN said:
@Dashrender said:
The AD box needs access to DNS too. You need to give the secondary DNS server pointing to itself.
the main DC need only his own ip as DNS server, but the branch DC need the DNS access of the main DC, do you mean that he need his own ip as a second DNS ??
Yes. Now Scott and Alex are both saying it should point to itself first, but I prefer to point to another DNS server first, and itself second.
But - if the DC is only pointing to another source, and you remove that source you will find that the DC in question (in your case the branch DC) will have all kinds of problems since it doesn't have DNS to query about services.
Microsoft has always stated that it needs to point to itself first. There is no benefit to pointing to the other first but many downsides like higher latency and increased traffic.
-
what about the replication that take place in time, it seems that the branch DC don't respect the Active Directory Sites and Services at all, because i configure the replication to take place at night and finish in the morning
and how to force branch machines to login from their local DC, ???
-
@IT-ADMIN said:
what about the replication that take place in time, it seems that the branch DC don't respect the Active Directory Sites and Services at all, because i configure the replication to take place at night and finish in the morning
and how to force branch machines to login from their local DC, ???
The default replication schedule of a couple hours should be sufficient for most needs. Any more than that could leave the two sites rather out of sync. Less than that's a waste of bandwidth.
Is their local DC a GC as well?
-
@alexntg said:
@IT-ADMIN said:
what about the replication that take place in time, it seems that the branch DC don't respect the Active Directory Sites and Services at all, because i configure the replication to take place at night and finish in the morning
and how to force branch machines to login from their local DC, ???
The default replication schedule of a couple hours should be sufficient for most needs. Any more than that could leave the two sites rather out of sync. Less than that's a waste of bandwidth.
but at lease the branch DC should respect the schedule, \
Is their local DC a GC as well?
Yes it is both a global catalog and DNS server
-
@IT-ADMIN said:
@alexntg said:
@IT-ADMIN said:
what about the replication that take place in time, it seems that the branch DC don't respect the Active Directory Sites and Services at all, because i configure the replication to take place at night and finish in the morning
and how to force branch machines to login from their local DC, ???
The default replication schedule of a couple hours should be sufficient for most needs. Any more than that could leave the two sites rather out of sync. Less than that's a waste of bandwidth.
but at lease the branch DC should respect the schedule, \
Is their local DC a GC as well?
Yes it is both a global catalog and DNS server
Ok, and what is the primary DNS on each client set to?
-
@alexntg said:
Ok, and what is the primary DNS on each client set to?
i set client in the main office to use the main DC for DNS resolving and set branch client to use branch DC for DNS resolving
-
what server is providing DHCP for the branch PCs?
-
-
@alexntg said:
@IT-ADMIN said:
@alexntg said:
Ok, and what is the primary DNS on each client set to?
i set client in the main office to use the main DC for DNS resolving and set branch client to use branch DC for DNS resolving
And if you run an nslookup against the branch DC, does it resolve queries?
nslookup in branch client machine or branch DC itself ??
-
@IT-ADMIN said:
@alexntg said:
@IT-ADMIN said:
@alexntg said:
Ok, and what is the primary DNS on each client set to?
i set client in the main office to use the main DC for DNS resolving and set branch client to use branch DC for DNS resolving
And if you run an nslookup against the branch DC, does it resolve queries?
nslookup in branch client machine or branch DC itself ??
Nslookup from any client computer, and specify the branch DC as the DNS server.
-
@IT-ADMIN said:
@alexntg said:
@IT-ADMIN said:
@alexntg said:
Ok, and what is the primary DNS on each client set to?
i set client in the main office to use the main DC for DNS resolving and set branch client to use branch DC for DNS resolving
And if you run an nslookup against the branch DC, does it resolve queries?
nslookup in branch client machine or branch DC itself ??
Both, actually.
-
when i run nslookup in any branch computer, it resolve successfully but it use the main DNS even if i they have as primary DNS the ADC ip address
what anger me is that machines in the branch office neglect the ADC -
@IT-ADMIN said:
when i run nslookup in any branch computer, it resolve successfully but it use the main DNS even if i they have as primary DNS the ADC ip address
what anger me is that machines in the branch office neglect the ADCWhat happens when you force nslookup to use the branch server?
-
@Dashrender said:
what server is providing DHCP for the branch PCs?
Again, what server is providing DHCP to the branch PCs? Is the scope set correctly to give the PC's the DNS of the branch DNS server.
-
@alexntg said:
@IT-ADMIN said:
when i run nslookup in any branch computer, it resolve successfully but it use the main DNS even if i they have as primary DNS the ADC ip address
what anger me is that machines in the branch office neglect the ADCWhat happens when you force nslookup to use the branch server?
really i didn't try that, but tomorrow i will go to the branch office and try this, thank you
-
@IT-ADMIN said:
@alexntg said:
@IT-ADMIN said:
when i run nslookup in any branch computer, it resolve successfully but it use the main DNS even if i they have as primary DNS the ADC ip address
what anger me is that machines in the branch office neglect the ADCWhat happens when you force nslookup to use the branch server?
really i didn't try that, but tomorrow i will go to the branch office and try this, thank you
You can try it from your computer, even. Just force nslookup to use the branch DC.
-
@Dashrender said:
@Dashrender said:
what server is providing DHCP for the branch PCs?
Again, what server is providing DHCP to the branch PCs? Is the scope set correctly to give the PC's the DNS of the branch DNS server.
yes, the DHCP is providing the correct DNS setting which is the ip of my ADC as primary DNS and the internet gateway as secondary DNS
-
@IT-ADMIN said:
@Dashrender said:
@Dashrender said:
what server is providing DHCP for the branch PCs?
Again, what server is providing DHCP to the branch PCs? Is the scope set correctly to give the PC's the DNS of the branch DNS server.
yes, the DHCP is providing the correct DNS setting which is the ip of my ADC as primary DNS and the internet gateway as secondary DNS
For the branch site, the DC should be primary DNS, and the DC at your main location should be secondary. Non-AD DNS sources should not be used.
-
@IT-ADMIN said:
@Dashrender said:
@Dashrender said:
what server is providing DHCP for the branch PCs?
Again, what server is providing DHCP to the branch PCs? Is the scope set correctly to give the PC's the DNS of the branch DNS server.
yes, the DHCP is providing the correct DNS setting which is the ip of my ADC as primary DNS and the internet gateway as secondary DNS
Internet gateway? No it must be the other DC.
-
@alexntg said:
@IT-ADMIN said:
@Dashrender said:
@Dashrender said:
what server is providing DHCP for the branch PCs?
Again, what server is providing DHCP to the branch PCs? Is the scope set correctly to give the PC's the DNS of the branch DNS server.
yes, the DHCP is providing the correct DNS setting which is the ip of my ADC as primary DNS and the internet gateway as secondary DNS
For the branch site, the DC should be primary DNS, and the DC at your main location should be secondary. Non-AD DNS sources should not be used.
I use them but only for tertiary and quaternary DNS options and only when I have only two DCs.
