1 Domain + 1 domain + syncronised users = possible?

[tarquel]

hehe Hello all

I'm thinking about adding a new domain & server into our Music block as I successfully managed to create a wifi bridge to the rest of the network the other week.

I currently have nearly finished the current setup similar to what we had, in that it uses a Buffalo Terastation as a fileserver - but the users dont have individual usernames - it is simply "pupil", "teacher", and "admin" - and works fairly well as a peer-2-peer workgroup but the pupils all save to the same area - like a resource share you may have setup for teachers for example.

Now, of course, the speed would be pitiful if i was to use the current DC through the wifi link, so I thought the best way would be to create a new domain - plus the Music teacher likes her independance i think hehe

On top of that, as we do alot of music producing - both midi and more and more audio/wave recording using Cubase etc - its likely that it just wont be useable at all if I was to use the DC as it stands.

My thought is that should the wifi link go down, or the main domain go down, it wont effect the music room domain - as I would want it to be a self contained unit as such.

The problem is usernames hehe as although we don't have a great deal of pupils/users here, it would still be a pain to create them manually from scratch.

Is there some way to syncronise the usernames between domains or do i have to do it manually and alter my user creation script?

Having this seperate domain here would be great in that the users can log in the music room computers with the same credentials as they do on the other computers, and also, great that they then could save their work into their own home dir - and it cant get lost/accidentally deleted etc.

I think the equipment and licensing will come to just over £1K - but i think it would be money well spent.

Does anyone have any thought to this plan? i.e. is it plausible? suggestions? ideas? etc...

Also, would i be able to give it a different IP range to what the current domain has without any problems etc? as the current range is fairly full really, but more than that, I'd want the music room DC to have its own DHCP so that if the wifi link dies, the machines arent affected [except for internet, sync-ing stuff, and good ol' wfolder lol]

Thanks
Nath.

[Geoff]

Setup a new domain, just put it in the same forest. It'll work like you want.

[tarquel]

But I can't see the forest for the trees... :P

Well actually - the forest is the domain - same name [because i was a dumbass when i set it up and I dont dare break it by reconfiguring it hehe]

I take it it shouldn't matter tho.... i.e.

Current domain/forest:

mydomainandforest.mycompany.mycounty.sch.uk

Additional domain set up as:

mynewdomain.mydomainandforest.mycompany.mycouny.sc h.uk

I guess without breaking everything, theres no way for me to [re]configure things to make the forest just:

mycompany.mycounty.sch.uk

instead of:

mydomainandforest.mycompany.mycounty.sch.uk

because then I could have the new domain like this:

mynewdomain.mycompany.mycounty.sch.uk

right?

EDIT: Did you vote No! Geoff? lol

Nath

[Geoff]

Use the domain rename tools to rename your DNS domain.

http://www.microsoft.com/technet/dow...ainrename.mspx

Did you vote No! Geoff?

I voted Maybe.

[tarquel]

thanks for that dude

I take it my plan sounds fine then?

hehe
nath

[Geoff]

Assuming you can pull off a domain rename without leaving everything as a smoking pile of rubble. Yes.

[thom]

Authenticating across a wi-fi bridge should be fine.
I would continue using your current domain controller but keep a local terastation in the music room for files.

Then you can sell the business case to have the money for a proper gig link between the music switch and the main comms. cabinet in next years budget. It wouldn't cost that much and would save you the hassle of running two domains.

I tried re-naming my domain using the above tool and it crashed out, meaning I had to go round and re-join all 300 clients to the new domain manually - causing two days downtime!!! Just a caution, I'm sure it works fine.

[Geoff]

You can remotely join clients to a domain using psexec and netdom.

[Lord_Edam]

I'm confused...if you're going to make a new domain in the music block you've got a spare PC to use as a domain controller. so why not just make it a domain controller in your existing domain?

If the wifi link goes down it doesn't matter because your domain controller in the music block will take up the slack, and if the main domain goes down...well, it's unlikely to because you've got two domain controllers. At worst the wifi link gets a little saturated - but you won't care because you'll be busy trying to fix the domain and slow logons are always better than no logons at all

[ajbritton]

I use single forest with 2 domains to isolate the management of Admin and Curriculum networks. The Admin domain is the forest root domain. The only extra hassle we get from this (as opposed to having seperate forests) is that replication is sometimes a fiddle to get working between the domains.

[tarquel]

I thought I had replied to this but oh well... here goes again hehe

The link from the music block is purely [at the moment] just so that we can use the e-registration system up there - she's had to manually write them for years after we got bromcom because their custom wifi network is out of range hehe.

It's also been handy to have the internet up there too, for obvious reasons of updating things etc.

As the main use of the machines is Cubase etc., its never been a big problem - but if its going to be linked on the network, then I want to have them all patched up etc [not a problem with my WSUS.... Moving on - I'm digressing here hehe]

The music teacher [and me] agree that its better to have the area kept as she's had it - segmented off and self contained - so this is why it needs to have to be a seperate domain as such, so that if the link goes down, both networks dont suffer as a result.

Lord_Edam - I have [as far as this thread goes] one domain in the main building with 1 DC [as a fileserver also] and 1 server with Exchange 2003 on it.

We dont have anything spare hehe this is why i can never test scenario's / lab test network's - as I'm not privvy to such luxuries hehe MS's plan's make me laugh some times hehe They development teams should ome here

I have bought [and should arrive today] a new HP PL ML-150 & 2x 200GB SATA drives which will be nice.

If i understood IP ranges properly, I would set up a seperate range in the music room - i'm now slightly baffled tho. What's to stop any machine taking any IP address off this DC from the main network?

More of what I've been doing is here:

http://www.linksysinfo.org/portal/fo...ad.php?t=48482

Any more thoughts are welcome

Cheers
Nath

[j17sparky]

We're based on 2 sites with a 80meter gig fibre between us. A DC running on either site. If the link goes down or one DC dies the other takes over. We have had next to no down time in the 2+ years ive been here. (Obviously if the link goes down we lose some services but you are always able to get logged on- ie either internet or files go down depending what site your on)

We dont run 2 seperate domains, simpley 2 DCs on the same domain. Personally i see no need for you to run 2 domains, just set up like we have and then, like said, use next years budget to run a fibre between the builldings - you WILL NEED to do this in the near future anyway so may aswell do it now instead of creating massive amounts of work for yourself. 54mbps isnt alot when several users hit it at once.

[tarquel]

Thanks for the reply...

But this is my point - the users won't be using the link if everything is self-contained.

The teacher doesn't want them on the Internet and stuff - which is fine by me [we have about a equiv of a 2M line lol] - and they will be saving their work on the file server in the music room.

The only usage of the link will be extremely low comunication of a e-reg system - just uses a single port to "talk" on - and anything else is a bonus.

To save me the hassle of creating users twice, I thought that I would be able to sync the two domains so that the users can be added to the music room domain without the need to create them all over, but its no big problem if not - the main issue is that if they change the password on one, it wont change on the other etc...

I'm interested in the idea of keeping it all one domain and having it so that if you log on to the domain in the music room, the server in there will serve you and if its anywhere else, the main DC will serve you - but i would like it so that you get the home dir on the music room server to be mapped when in there, and as normal in the rest of the school.

That make sense? lol

I wonder if this is a golden opportunaty to install srv 2003 R2 on everything? hehe [yes, bought the licenses]

The DC is slugish anyhow - back to my old problem that someone suggested fixing [in a different thread] by getting another machine, install 2k3, attach and promote, wipe the former DC, install 2k3 again, attach and premote that to DC again.

I guess its the only chance i've got to remedy any probs on the DC - but the problem of time to do it is when this lie Think i can do it in about 1-2hrs? hehe

...plus R2 the system, and rename the forest, without losing all the shares & breaking Exchange 2k3 also?

Shame i've got no time when the school is off - as i've got the rest of my annual leave to take hehe

Nath.

[mark]

Depends how much traffic is generated by replication. I can just picture you with the server in a wheelbarrow taking it over for a sync! lol

You'd have to map shares and home folders according to PC name.

[tarquel]

You'd have to map shares and home folders according to PC name.

like dur :P

easy peasy with kixtart script and GP anyhoo

[note the sarcasm hehe ]

Nath