Inter-Site Transports

  • Question

  • Hello,

    I have 8 sites. I have 2 or 3 domain controllers per site. I am building all new 2012 servers with DNS and DHCP installed, but I am putting only 1 server in each site and removing the rest. I need to set up replication so if one site goes down they still can replicate and users can log on from another site. I also have a physical domain controller in my datacenter, and if something was to happen to all of my virtual machines users would still be able to log on. How would I set this up?


    cshsysadmin

    Monday, November 16, 2015 3:58 PM

Answers

  • Hi Clark,

    Need some clarification what you meant by saying this.

    "I need to setup replication so If one site goes down they still can replicate and users can logon from another site."

    This is something that works by default; what additional do you want to set up?

    How many forests \ domains do you have? If multiple, you make sure the DCs are GCs.

    In a single forest\domain you have each FSMO role on an individual server only and you can't have them replicated\HA.

    So if the PDC emulator is down, password changes and invalid attempts are not going to work out properly.


    Regards,

    Satyajit

    Please “Vote As Helpful” if you find my contribution useful or “Mark As Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.

    Tuesday, November 17, 2015 8:06 AM
  • Whenever a client needs a DC, it basically makes a broadcast request. The first DC that responds is the DC that is used. 

    . : | : . : | : . tim

    Tuesday, November 17, 2015 3:54 PM

All replies

  • Hi Cshsysadmin,

    I suppose you could configure site to site VPN between all the sites. Then configure all the servers as DC with DNS role installed. On client, open Network and Sharing center>Change adapter settings>right click and choose Properties>IPv4 Properties>Advanced>DNS tab. Add all the DCs to the DNS server list.

    Then, clients would be able to log on even if the local DC is not available.

    Best Regards,

    Leo


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Tuesday, November 17, 2015 4:11 AM
    Moderator
  • Hi Leo,

    Why would I configure VPN between the sites? They are connected by fiber... They are all DCs with the DNS role? All DCs are already in DNS and they are all DNS servers!


    cshsysadmin

    Tuesday, November 17, 2015 1:08 PM
  • Hi,

    I have 1 forest and 1 domain. All the DCs are GCs. All the FSMO roles are split up between 2 DCs in the datacenter. How does it choose which DC?


    cshsysadmin

    Tuesday, November 17, 2015 1:12 PM
  • Hi Cshsysadmin,

    >> they are connected by fiber...

    Then you don't need to configure VPN.

    Best Regards,

    Leo



    Wednesday, November 18, 2015 1:10 AM
    Moderator
  • Hi cshsysadmin,

    Adding to Tim on your question "How does it choose which DC?".

    By default it can hit DC in any site (can be changed). Once the client gets a DC, it next gets the info if the DC is from the relative optimal site name for the client.

    If not, the client again does a site-specific DNS lookup every 15 mins.

    Basically, if your network is well connected, you don't have anything to worry about; it will automatically connect to the closest DC after a while and in case of failures is already capable of connecting to something else.

    You need to make sure, the alternate DNS are accessible as suggested by Leo. Client will query DNS in order. So every site should have customized Primary DNS entry which would be the DC of that site.

    References:

    Domain Controller Locator algorithm

    Client Domain Controller selection

    How Clients Locate Domain Controllers


    Regards,

    Satyajit


    Wednesday, November 18, 2015 6:38 AM
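
The site-specific DNS lookup mentioned in the reply above can be checked from any domain-joined client. The following is an added example, not part of the original thread: the domain name and site names are placeholders to replace with your own, and it uses the standard locator SRV record names together with the built-in `Resolve-DnsName`, `Get-DnsClientServerAddress` and `nltest` tools.

```powershell
# Placeholders (assumptions, not from the thread): set to your domain and AD site names.
$Domain = 'corp.example.com'
$Sites  = 'Site1', 'Site2', 'Datacenter'

function Get-LocatorRecord {
    param([string]$Label, [string]$Name)
    # Query the SRV record set and keep only the SRV answers.
    $srv = Resolve-DnsName -Name $Name -Type SRV -ErrorAction SilentlyContinue |
           Where-Object { $_.Type -eq 'SRV' }
    [pscustomobject]@{
        Scope = $Label
        Query = $Name
        # Lower priority is preferred; higher weight is preferred within a priority.
        DCs   = @($srv |
                  Sort-Object Priority, @{ Expression = 'Weight'; Descending = $true } |
                  ForEach-Object { $_.NameTarget })
    }
}

# Site-specific records: _ldap._tcp.<site>._sites.dc._msdcs.<domain>
$report = foreach ($site in $Sites) {
    $name = '_ldap._tcp.{0}._sites.dc._msdcs.{1}' -f $site, $Domain
    Get-LocatorRecord -Label $site -Name $name
}

# Domain-wide record set used when no site-specific answer is usable.
$report += Get-LocatorRecord -Label '(any site)' -Name ('_ldap._tcp.dc._msdcs.{0}' -f $Domain)

$report | Format-Table Scope, @{ Name = 'DCs'; Expression = { $_.DCs -join ', ' } } -AutoSize

# Flag any scope for which this client's DNS servers return no DC at all.
$report | Where-Object { $_.DCs.Count -eq 0 } |
    ForEach-Object { Write-Warning "No SRV records returned for $($_.Query)" }

# What this client is using right now: its AD site, the DC it located,
# and the DNS servers it will query, in order.
nltest /dsgetsite
nltest /dsgetdc:$Domain
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Select-Object InterfaceAlias, ServerAddresses
```

Run it once with the local DC online and again with the client's primary DNS server unreachable: if the second run returns no SRV records, the alternate DNS entries are not usable from that site.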
  • Is there any reason why this is in Hyper-V rather than Directory Services forum? Is there really anything here which makes it a Hyper-V question?

    Bill

    Wednesday, November 18, 2015 6:45 AM