Jump to content

9 posts in this topic

Posted

All,

Just wondering, how many of you have (virtual or not) DC's offsite for disaster recovery purposes?

Thanks
GE

Share this post


Link to post
Share on other sites

Posted

Off-site as in, outside of the LAN totally or on the same LAN but connected at different buildings maybe via Fiber?

Share this post


Link to post
Share on other sites

Posted

It is a good idea to have a dc at a remote location for auth purposes. You can always seize the rolls if needed. That would be good enough for dr. If it is remote enough.

Share this post


Link to post
Share on other sites

Posted

Offsite could be virtual in the cloud connected using a Site to Site VPN or another building.....anything that counts as "remotely".

I'm currently looking into the virtual in the cloud options. Can anybody recommend anything?

Thanks
GE

Share this post


Link to post
Share on other sites

Posted

Really it depends on the size and needs of your enterprise (small business would never need it tbh) and how fast stable your internet/vpn/site to site link it to ensure there are no issues.
I cant see a huge amount of scenarios where remote DC is needed though.

Share this post


Link to post
Share on other sites

Posted

With our setup we have servers at two locations. Each location has its own Domain Controller which can authenticate servers from both locations.

We have had one Domain Controller go tech so the remaining DC was authenticating servers at the remote site until the replacement was back up, so would recommend having spare DC's off-site.

Share this post


Link to post
Share on other sites

Posted

A question for you all to do with Off site DCs and DNS.

 

Our main Office uses 10.0.0.0/16, DC/DNS are 10.0.0.20 and 10.0.0.21.

The Saltney Office uses 10.3.0.0/16, currently no DC there.

Site to Site VPN is 10.4.0.0/16 

 

I'm planning on creating a new DC in our Saltney Office. I know the servers DNS will need to be 10.0.0.20 and 10.0.0.21 so I can a) put it on the domain and b) become a DC.....but when the new DC is setup, does the DNS on the offsite DC need to change?

 

Just wondering what your setups are?

 

Thanks

Gareth

Share this post


Link to post
Share on other sites

Posted

The ad servers need to point to themselves first then to another dc. This way if a dc goes down they can still see themselves. DNS will replicate to all so it really should always be itself in ip properties.

Share this post


Link to post
Share on other sites

Posted

OK Cool. Thanks for that.

 

GE

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.