Additional domain controller in remote site

alexntg

@IT-ADMIN said:

@alexntg said:

@IT-ADMIN said:

what about the replication that take place in time, it seems that the branch DC don't respect the Active Directory Sites and Services at all, because i configure the replication to take place at night and finish in the morning

and how to force branch machines to login from their local DC, ???

The default replication schedule of a couple hours should be sufficient for most needs. Any more than that could leave the two sites rather out of sync. Less than that's a waste of bandwidth.

but at lease the branch DC should respect the schedule, \

Is their local DC a GC as well?

Yes it is both a global catalog and DNS server

Ok, and what is the primary DNS on each client set to?

IT-ADMIN

@alexntg said:

Ok, and what is the primary DNS on each client set to?

i set client in the main office to use the main DC for DNS resolving and set branch client to use branch DC for DNS resolving

Dashrender

what server is providing DHCP for the branch PCs?

alexntg

@IT-ADMIN said:

@alexntg said:

Ok, and what is the primary DNS on each client set to?

i set client in the main office to use the main DC for DNS resolving and set branch client to use branch DC for DNS resolving

And if you run an nslookup against the branch DC, does it resolve queries?

IT-ADMIN

@alexntg said:

@IT-ADMIN said:

@alexntg said:

Ok, and what is the primary DNS on each client set to?

i set client in the main office to use the main DC for DNS resolving and set branch client to use branch DC for DNS resolving

And if you run an nslookup against the branch DC, does it resolve queries?

nslookup in branch client machine or branch DC itself ??

alexntg

@IT-ADMIN said:

@alexntg said:

@IT-ADMIN said:

@alexntg said:

Ok, and what is the primary DNS on each client set to?

i set client in the main office to use the main DC for DNS resolving and set branch client to use branch DC for DNS resolving

And if you run an nslookup against the branch DC, does it resolve queries?

nslookup in branch client machine or branch DC itself ??

Nslookup from any client computer, and specify the branch DC as the DNS server.

scottalanmiller

@IT-ADMIN said:

@alexntg said:

@IT-ADMIN said:

@alexntg said:

Ok, and what is the primary DNS on each client set to?

i set client in the main office to use the main DC for DNS resolving and set branch client to use branch DC for DNS resolving

And if you run an nslookup against the branch DC, does it resolve queries?

nslookup in branch client machine or branch DC itself ??

Both, actually.

IT-ADMIN

@scottalanmiller

when i run nslookup in any branch computer, it resolve successfully but it use the main DNS even if i they have as primary DNS the ADC ip address
what anger me is that machines in the branch office neglect the ADC

alexntg

@IT-ADMIN said:

@scottalanmiller

when i run nslookup in any branch computer, it resolve successfully but it use the main DNS even if i they have as primary DNS the ADC ip address
what anger me is that machines in the branch office neglect the ADC

What happens when you force nslookup to use the branch server?

Dashrender

@Dashrender said:

what server is providing DHCP for the branch PCs?

Again, what server is providing DHCP to the branch PCs? Is the scope set correctly to give the PC's the DNS of the branch DNS server.

IT-ADMIN

@alexntg said:

@IT-ADMIN said:

@scottalanmiller

when i run nslookup in any branch computer, it resolve successfully but it use the main DNS even if i they have as primary DNS the ADC ip address
what anger me is that machines in the branch office neglect the ADC

What happens when you force nslookup to use the branch server?

really i didn't try that, but tomorrow i will go to the branch office and try this, thank you

alexntg

@IT-ADMIN said:

@alexntg said:

@IT-ADMIN said:

@scottalanmiller

when i run nslookup in any branch computer, it resolve successfully but it use the main DNS even if i they have as primary DNS the ADC ip address
what anger me is that machines in the branch office neglect the ADC

What happens when you force nslookup to use the branch server?

really i didn't try that, but tomorrow i will go to the branch office and try this, thank you

You can try it from your computer, even. Just force nslookup to use the branch DC.

IT-ADMIN

@Dashrender said:

@Dashrender said:

what server is providing DHCP for the branch PCs?

Again, what server is providing DHCP to the branch PCs? Is the scope set correctly to give the PC's the DNS of the branch DNS server.

yes, the DHCP is providing the correct DNS setting which is the ip of my ADC as primary DNS and the internet gateway as secondary DNS

alexntg

@IT-ADMIN said:

@Dashrender said:

@Dashrender said:

what server is providing DHCP for the branch PCs?

Again, what server is providing DHCP to the branch PCs? Is the scope set correctly to give the PC's the DNS of the branch DNS server.

yes, the DHCP is providing the correct DNS setting which is the ip of my ADC as primary DNS and the internet gateway as secondary DNS

For the branch site, the DC should be primary DNS, and the DC at your main location should be secondary. Non-AD DNS sources should not be used.

scottalanmiller

@IT-ADMIN said:

@Dashrender said:

@Dashrender said:

what server is providing DHCP for the branch PCs?

Again, what server is providing DHCP to the branch PCs? Is the scope set correctly to give the PC's the DNS of the branch DNS server.

yes, the DHCP is providing the correct DNS setting which is the ip of my ADC as primary DNS and the internet gateway as secondary DNS

Internet gateway? No it must be the other DC.

scottalanmiller

@alexntg said:

@IT-ADMIN said:

@Dashrender said:

@Dashrender said:

what server is providing DHCP for the branch PCs?

Again, what server is providing DHCP to the branch PCs? Is the scope set correctly to give the PC's the DNS of the branch DNS server.

yes, the DHCP is providing the correct DNS setting which is the ip of my ADC as primary DNS and the internet gateway as secondary DNS

For the branch site, the DC should be primary DNS, and the DC at your main location should be secondary. Non-AD DNS sources should not be used.

I use them but only for tertiary and quaternary DNS options and only when I have only two DCs.

IRJ

We use a 5 DCs at our main office and branches have no DCs. Since I use PDQ for package deployment and I use a separate Group Policy for each branch. I have never had an issue with our T1 Connections. You can use AD Sites and Services to create a new site for the branch and just build the second DC at your main office. I really don't see why you need a second DC at the branch, user authentication and group policy don't use much bandwidth at all. I bet your branch users are still accessing their shares and applications over the WAN. Which uses much more resources than AD would ever use.

scottalanmiller

We use central AD only as well.

alexntg

@scottalanmiller said:

@alexntg said:

@IT-ADMIN said:

@Dashrender said:

@Dashrender said:

what server is providing DHCP for the branch PCs?

Again, what server is providing DHCP to the branch PCs? Is the scope set correctly to give the PC's the DNS of the branch DNS server.

yes, the DHCP is providing the correct DNS setting which is the ip of my ADC as primary DNS and the internet gateway as secondary DNS

For the branch site, the DC should be primary DNS, and the DC at your main location should be secondary. Non-AD DNS sources should not be used.

I use them but only for tertiary and quaternary DNS options and only when I have only two DCs.

Using non-AD DNS in an AD enviornment can lead to kerberos errors and other fun, erratic behavior.

scottalanmiller

Yes. Using non-AD DNS is a more expert option. Just going to make things harder. Stick with integrated AD / DNS.