Windows Server 2008 R2 Thread: Two campus sync'd AD servers, in Technical
  1. #1

    Join Date
    Jun 2011
    Location
    Dublin, Ireland
    Posts
    23
    Thank Post
    6
    Thanked 3 Times in 3 Posts
    Rep Power
    7

    Two campus sync'd AD servers

    Hi guys, I am setting up a new network over the summer in our school. We have two buildings, about a half mile apart. They are connected by a 100mbs radio link on the roof. It is pretty stable but occasionally someone puts a tower crane or something in the way and we lose it for a few days.

    I want to have a server in each building that runs the AD and has the user shares on them. I want people in building A to use server as their gateway/dns/ad server etc and when they go to building B, use server B etc.

    Of course I need all the info in the AD and on the shares to be in sync. Is it possible to set something up that will sync the AD, GPO etc data every night and also sync any changes in shared data? This way if we lose the link people can still operate relatively normally.

    Failover clustering doesn't seem to be what I need. Obviously we can't have a physical cable link between them or we wouldn't need this solution.

    Summary:
    • Two servers, one LAN, physically separated with 100mbs radio link
    • Need both servers to be AD servers and store the shares
    • Need both servers to be reasonably in sync (1/2 days old) for shares and up to date for AD, GPO info etc.
    • Currently running one server for the whole place, what's the best way to set up the second?



    Thanks in advance,

    Niall.

  2. #2
    soveryapt's Avatar
    Join Date
    Jan 2009
    Location
    Lancashire
    Posts
    2,435
    Thank Post
    672
    Thanked 279 Times in 246 Posts
    Rep Power
    78
    Your best bet is to make use of DFS (Distributed File System) that's built in. This would take care of your shares etc (you can either set it to do it immediately or to update at specific times).

    If you join both the servers to the same domain having one as the PDC and the other as a member server then they will both look after the user authentication and the sharing of GPO data etc.

    The only other thing to do then is to make sure that you have a DHCP server set up on each site which will handle the gateway information. Depending on how many computers / IP ranges you are using (or have assigned to you) you might want to split the scope so that the sites don't hand out the same IP addresses as when your radio link is working, you'll find that one server may take precedence over another for DHCP, but when the radio link gets blocked for whatever reason, you will have a DHCP server on that site to handle the failover stuff too.

    That's the way I'd be looking to do it anyway .. hope that helps a bit ..
    Andy

  3. Thanks to soveryapt from:

    Niall (4th July 2011)

  4. #3
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,214
    Thank Post
    138
    Thanked 347 Times in 293 Posts
    Rep Power
    90
    You should have a look at something called Distributed File System in the Enterprise (and higher) versions of Server 2008 R2.
    AD and GPOs should sync anyway regardless of the edition of Windows Server you have but using DFS would allow you to sync your shared documents between the sites.

    One place to start learning more: DFS Step-by-Step Guide for Windows Server 2008

  5. Thanks to jamesfed from:

    Niall (4th July 2011)

  6. #4

    Join Date
    Oct 2005
    Posts
    869
    Thank Post
    59
    Thanked 132 Times in 111 Posts
    Rep Power
    77
    If you've got the potential for periods of non-communication between the sites, I'd probably make one of the DCs read-only.

  7. #5

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,111
    Thank Post
    217
    Thanked 1,343 Times in 821 Posts
    Blog Entries
    4
    Rep Power
    526
    Quote: Originally Posted by aptproductions
    Your best bet is to make use of DFS (Distributed File System) that's built in. This would take care of your shares etc (you can either set it to do it immediately or to update at specific times).

    If you join both the servers to the same domain having one as the PDC and the other as a member server then they will both look after the user authentication and the sharing of GPO data etc.

    The only other thing to do then is to make sure that you have a DHCP server set up on each site which will handle the gateway information. Depending on how many computers / IP ranges you are using (or have assigned to you) you might want to split the scope so that the sites don't hand out the same IP addresses as when your radio link is working, you'll find that one server may take precedence over another for DHCP, but when the radio link gets blocked for whatever reason, you will have a DHCP server on that site to handle the failover stuff too.

    That's the way I'd be looking to do it anyway .. hope that helps a bit ..
    Andy
    This, with a small change.

    I'd set the sites up as two distinct sites in AD Sites and Services - then you can be assured that authentication will happen to the closest DC based on the IP information, reducing the potential bandwidth across the link.

    Also DFS-R is what you're looking for rather than DFS, and it's included in standard server, doesn't require enterprise.

    If your domain functional level can be set to 2008 you can take advantage of a much improved DFS version than the old 2003 version - should be a performance improver.

  8. #6
    soveryapt
    Quote: Originally Posted by Domino
    This, with a small change.

    I'd set the sites up as two distinct sites in AD Sites and Services - then you can be assured that authentication will happen to the closest DC based on the IP information, reducing the potential bandwidth across the link.
    Good point .. I'd have probably come to that eventually if doing it myself .. lol ..

  9. #7

    Thanks for all the information. We are running 2008R2 Enterprise so I'll give DFS a try. Setting up the second server now. I'll set it up as a distinct site in AD.
    This is also a completely new install, new servers and new Workstations so I'll make sure they are set to 2008 functional level.

    I will keep you posted.

    Niall.

  10. #8

    Ok round one complete. Second server is up and running, have it under a second site with its own DHCP scope. All seems happy so far. I played with DFS a little bit but that is tomorrow's task, thanks for the step by step James, very helpful.

    As an aside, does anyone have a script (PowerShell, VBA, VBS or otherwise) that will read all the users from an OU and create shares with each user having read/write? I'm just looking for an automated way to create personal drives for file storage & folder redirection. I have a very nice VBA script that I can use from within Excel to create users and put them in OUs but I don't have an automatic way to create home shares for each user.

  11. #9
    soveryapt
    Quote: Originally Posted by Niall
    As an aside, does anyone have a script (PowerShell, VBA, VBS or otherwise) that will read all the users from an OU and create shares with each user having read/write? I'm just looking for an automated way to create personal drives for file storage & folder redirection. I have a very nice VBA script that I can use from within Excel to create users and put them in OUs but I don't have an automatic way to create home shares for each user.
    Are you wanting to create shared areas or just areas for each user's documents etc?

    If the latter, then make use of the folder redirection for the users in the GPO and just tell it where the base share is to be (\\your.domain\DFS-Share\) and then it will create (so long as you choose the right setting) a sub folder for the user under that. I have a number of these set up - Staff, Students, Admin, Year Group, etc - so they are all stored in a slightly different folder (\\domain\staff, \\domain\students, etc) which means I can find people easily enough.

    It's fairly easy to do the whole shared folder for other access to, but I can't remember how I have it set up / which scripts I use etc, but I'll take a look tomorrow if no one else answers in the meantime ..

  12. Thanks to soveryapt from:

    Niall (8th July 2011)

  13. #10

    Apt, that is absolutely amazing! I have never heard of that feature before. I just got it working now, as well as DFS shares. The other shared drives should be fine, I can just create a few and add the security groups to it. Thanks again!

  14. Thanks to Niall from:

    soveryapt (11th July 2011)

  15. #11
    soveryapt
    No worries ..

  16. #12

    Ok another round of questions on this topic:
    I have two sites set up, two servers, one in each site. The AD replication is working.
    I want both servers to hand out DHCP for their respective sites.
    All workstations are dynamic DHCP.
    They seem to be randomly choosing a server.
    How do I assign a client/workstation to a site? I know I have to use subnets, and I have defined subnets for each site. But the site property for every computer is blank.

  17. #13

    Domino
    Crack open Active Directory Sites and Services, and set up a site for each physical location.

    Best practices here: Best practices for Active Directory Sites and Services

  18. #14

    Hi Domino,

    Nice link. I have a site for each physical location, a domain controller in each, global catalog on both. They have a subnet each and replication is running every 15 minutes.
    How do I align workstations with a site? I have a bunch of computers in different OUs depending on where they are in the building but I don't know how to tell them that DC X is the one they should look at for their AD needs.
    In the computer properties there is a site field but it is blank for all our computers.

    Cheers,

    Niall.

  19. #15
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,995
    Thank Post
    123
    Thanked 286 Times in 263 Posts
    Rep Power
    108
    Computers know what site they are in because of the site's associated subnet.
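
The subnet-to-site lookup described in the last reply, as an added example that is not part of the original thread: a client's IP address is matched against the subnet objects defined in Active Directory Sites and Services, and the most specific matching subnet decides the site. The site names, subnets and client addresses below are constructed for illustration, and the helper function names are hypothetical.

```powershell
# Constructed table standing in for the Subnets container in
# Active Directory Sites and Services (hypothetical names and ranges).
$SiteSubnets = @(
    @{ Subnet = '10.1.0.0/16';  Site = 'Building-A' },
    @{ Subnet = '10.2.0.0/16';  Site = 'Building-B' },
    @{ Subnet = '10.2.50.0/24'; Site = 'Building-A' }   # more specific than the /16 above
)

# Turn a dotted IPv4 address into a number (first octet most significant).
function ConvertTo-IpNumber ([string]$Ip) {
    [double]$n = 0
    foreach ($octet in [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()) {
        $n = $n * 256 + $octet
    }
    $n
}

# True when $Ip falls inside the CIDR range $Cidr.
function Test-InSubnet ([string]$Ip, [string]$Cidr) {
    $net, $prefix = $Cidr.Split('/')
    $block = [math]::Pow(2, 32 - [int]$prefix)          # addresses per subnet
    $ipBlock  = [math]::Floor((ConvertTo-IpNumber $Ip)  / $block)
    $netBlock = [math]::Floor((ConvertTo-IpNumber $net) / $block)
    $ipBlock -eq $netBlock
}

# Pick the site of the longest-prefix (most specific) matching subnet.
function Get-SiteForIp ([string]$Ip) {
    $match = $SiteSubnets |
        Where-Object { Test-InSubnet $Ip $_.Subnet } |
        Sort-Object { [int]$_.Subnet.Split('/')[1] } -Descending |
        Select-Object -First 1
    if ($match) { $match.Site } else { '(no matching subnet, so no site)' }
}

# Constructed client addresses: one per building, one in the /24 override,
# and one from a range that was never defined as a subnet.
foreach ($client in '10.1.4.20', '10.2.8.15', '10.2.50.7', '192.168.0.9') {
    '{0,-12} -> {1}' -f $client, (Get-SiteForIp $client)
}
```

On a real workstation, `nltest /dsgetsite` prints the site the machine has actually been placed in, which is the quickest check that a DHCP scope lines up with a defined subnet.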


