AD with 2 NIC

  • Question

  • Good Day,

    I have an environment with 2 sites.

    I have 1 primary AD and 10 application servers at the production site and 1 AD at the DR site. When the 10 applications fail over to the DR site, they will maintain the same IP addresses on an isolated network.

    Can I have the AD at the DR site with 2 NICs? The first NIC manages sync with the primary AD at the production site and the second NIC serves the DR site. It serves 10 applications for authentication purposes.

    Is there any issue with this AD with 2 NIC configuration? Please advise. Thanks.

    Regards,

    Wesley

    Wednesday, April 9, 2014 4:33 AM

All replies

  • Hi,

    There is no use for 2 NIC cards. A single NIC will manage both activities. As per your shared information, you do not have a huge server environment. That means you will not face any replication issue or authentication problem with a single NIC card.

    Let’s think: currently your production site is running, so you don’t have to worry about authentication of the DR application servers. You only have to test whether the servers are properly authenticating with the DR AD servers or not. Suppose your production site goes down; at that time the DR site AD will not replicate with the production site AD because the production site AD server is not live.

    For NIC card redundancy purposes you can install 2 NIC cards and create teaming between them. So in this scenario you will solve your question.

    ---------------------------------------------------------------------------------------------------------------

    Deepak Kotian.

    MCP, MCTS, MCITP Exchange 2010 Ent. Administrator

    Disclaimer: Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
    This helps the community, keeps the forums tidy, and recognizes useful contributions. Thanks!

    All the opinions expressed here is mine. This posting is provided "AS IS" with no warranties or guarantees and confers no right

    Wednesday, April 9, 2014 8:20 AM
  • Hi Deepak Kotian,

    Thank you for the reply. I understand your explanation.

    Let me elaborate more about my existing environment. The production site AD and application servers are running on IP 172.18.18.x and the DR site is running on IP 172.19.19.x.

    The customer plans to run the DR simulation with application server failover (CDP), and it maintains the same IP as the source. Both sites' application servers are active at the same time. We have already isolated the network so the application servers at both sites would not conflict.

    So I deployed the AD at the DR site with 2 NICs: 1 NIC 172.19.19.x for replication and 1 NIC 172.18.18.x for application server authentication purposes at the DR site. So only the DR AD communicates with both (DC and DR) sites over different VLANs.

    Any issue with this design? Computer object conflict?

    Regards,

    Wesley

    Wednesday, April 9, 2014 1:58 PM
  • As per the information you provided, what I understood is that you keep the same IP addresses for the application servers at the production and DR sites. That means you will keep the same host names also.

    Or

    If you do not keep the same host name but maintain the same IP address, then as per my knowledge you will face the following issues in your environment.

    1. How will you create AD subnets in AD Sites and Services for authentication at the respective locations?
    2. A server with a duplicate name (same host name) will not be added to the domain.
    3. If you forcefully join it to the domain, then you will face authentication issues.
    4. Multiple “A” records will be created in the DNS servers (if DNS is AD-integrated).
    5. You will face name and IP resolution problems.
    6. Users’ application queries will go to any location using DNS resolution, etc.

    If the applications at both your sites are active, that means it is not DR. It is called HA of the respective application.

    ------------------------------------------------------------------------------------------------------

    Deepak Kotian.

    MCP, MCTS, MCITP Exchange 2010 Ent. Administrator

    Thursday, April 10, 2014 7:50 AM
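
Items 4 and 5 in the reply above (multiple "A" records, name and IP resolution problems) can be checked from an export of the zone's A records. This is an added example, not part of the original thread: the CSV column names, the host names and the /24 prefix lengths are assumptions, and the sample records are constructed to show a DR DC registered in both subnets and one IP claimed by two names.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Subnets named in the thread; the /24 prefix length is an assumption.
SITES = {
    "production": ipaddress.ip_network("172.18.18.0/24"),
    "dr": ipaddress.ip_network("172.19.19.0/24"),
}

# Constructed sample export of A records (hypothetical host names).
SAMPLE_EXPORT = """HostName,IPv4Address
dc-prod,172.18.18.10
dc-dr,172.19.19.10
dc-dr,172.18.18.11
app01,172.18.18.21
app02,172.18.18.22
app02-dr,172.18.18.22
"""

def site_of(ip):
    """Return the site whose subnet contains ip, or 'unknown'."""
    addr = ipaddress.ip_address(ip)
    for name, net in SITES.items():
        if addr in net:
            return name
    return "unknown"

def audit_a_records(export_text):
    """Flag hosts with A records in more than one site and IPs shared by several names."""
    by_host, by_ip = defaultdict(set), defaultdict(set)
    for row in csv.DictReader(io.StringIO(export_text)):
        host = row["HostName"].strip().lower()
        ip = row["IPv4Address"].strip()
        by_host[host].add(ip)
        by_ip[ip].add(host)
    findings = []
    for host, ips in sorted(by_host.items()):
        if len({site_of(ip) for ip in ips}) > 1:
            findings.append(("multi-site-host", host, sorted(ips)))
    for ip, hosts in sorted(by_ip.items()):
        if len(hosts) > 1:
            findings.append(("shared-ip", ip, sorted(hosts)))
    return findings

if __name__ == "__main__":
    for kind, key, values in audit_a_records(SAMPLE_EXPORT):
        print(f"{kind}: {key} -> {', '.join(values)}")
```
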
  • There will be the same host name and same IP address since we recover those servers using snapshot technology, but the two sites are running on different VLANs. I configured the DR AD with 2 NICs: 1 NIC 172.19.19.x for replication and 1 NIC 172.18.18.x for application server authentication purposes at the DR site.

    I did not create any site for AD. AD is running on a VM. So is there any issue on AD with such a configuration? For example, duplicate host names.

    Thursday, April 10, 2014 3:38 PM
  • If you use snapshot technology, then it will create the same image of your production site. That means it will maintain the servers also, and if you’re planning to run both locations as active, then you will 100% face issues in authentication and the servers at one or both locations will automatically be evicted from the domain.

    I recommend that you do not go with your current plan for preparing DR. This plan will not help to create DR, but it will surely destroy your production setup.

    There is only one way your plan will work. Suppose you start the DR servers after shutting down production; only then will your snapshot technology help you, but not for ADC.

    -----------------------------------------------------------------------------

    Deepak Kotian.

    MCP, MCTS, MCITP Exchange 2010 Ent. Administrator

    Friday, April 11, 2014 8:30 AM
  • I managed to make production and DR active with the same host names and IP addresses, with both using different VLANs, so the 2 sites cannot communicate with each other. Then I configured the DR AD with 2 NICs: 1 NIC 172.19.19.x (vlan100) for replication and 1 NIC 172.18.18.x (vlan99) for application server authentication purposes at the DR site.

    My question is: is there any issue with the AD configuration with 2 NICs and both sites sharing the same AD (DR AD)?

    Friday, April 11, 2014 9:05 AM
  • You will not face an AD configuration problem, but after doing this activity you will face problems in server AD authentication, due to the same SID, because AD has the same database on all AD servers.

    ---------------------------------------------------------------------------------------------

    Deepak Kotian.

    MCP, MCTS, MCITP Exchange 2010 Ent. Administrator

    Friday, April 11, 2014 3:45 PM