I'm setting up a new network, now I need a remote (in our DC) and local active directory for various things. I want the email server to be on the remote server (for redundancy) then route through our local active directory in the office.

What's the usual setup for this sort of thing? How do I put them on the same network? - Do I have to have a constant VPN between the two (that could get frustrating).

It's also to share things like SQL server connections etc.

EDIT

Sorry if my question wasn't formed correctly. Let me try and explain it a bit better. This is the proposed setup of boxes. If I don't need one / it's stupid, it can be changed.

Remote:

Active Directory Server
Exchange Server
Fileserver/SQL server 2012

Local:

Active Directory Server
Fileserver/SQL Server 2012

Now, I want them to all share user credentials / network shares and that sort of thing. Do I put them in two separate forests and then join them together somehow?

My other question is, I want the Exchange server to be remote. Do I need to run a local Exchange server too and have them talk to each other somehow? Or is it smart enough to go to the local Active Directory server -> notice the Exchange server is in the other forest (I believe that's the terminology?) and route it all through?

Thanks,

Tom

MDMarra
MissCoder87
  • Sorry, it's very unclear what you're asking here. Can you please revisit this question and consider editing it? Do you actually need two separate forests, two separate domains in the same forest, or do you just need your on-premises AD to extend to your hosted datacenter? You also say you want to put your email on the "remote server" does this mean that you want to put it on the *same box* that would host AD at the datacenter? Do you only have one server there? *What* has to share things like SQL Server connections? Servers in the datacenter? Servers in your local site? – MDMarra Oct 15 '13 at 12:34
  • Hi, Thanks @MDMarra - I've added an edit with a few more details. Tom – MissCoder87 Oct 15 '13 at 12:45
  • Q: Should I have multiple active directories for my local and remote sites? A: No. – joeqwerty Oct 15 '13 at 14:42

1 Answer

The first thing that you would do is configure a point-to-point VPN between the two sites, or get an MPLS circuit or similar technology so that the two sites appear to be on the same network.

You really don't want two different Active Directories here, based on what you've said. What you want is two Domain Controllers (one at each site) for the same Active Directory domain (so also a single forest). Having a single AD sounds like it will make the most sense here, especially if you want a single Exchange organization to span multiple sites. You may want to read this primer on Active Directory to get an understanding of domain controllers, domains, and forests.

You can deploy one Exchange server at each site if you want and use something like a DAG to keep copies of the mail databases in both locations. In a DR situation, you would need to manually move the CAS to the local site from the DR site unless you configure a CAS array and do geo-load balancing, which sounds way overkill for this scenario. If you're not interested in having a redundant Exchange infrastructure, you can just deploy a single server with all roles in your hosted datacenter.


TL;DR - One AD, two domain controllers in the same domain. Set up MPLS, VPN, or other connectivity between the two sites. Have a cup of coffee.

MDMarra
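The answer's recommendation, as an added worked example (this is not code from the answer or from the question, and it assumes names that do not appear on the page: the domain corp.example.com, an existing office DC called OFFICE-DC1 on 10.10.0.0/24, and a new datacenter server called REMOTE-DC1 on 10.20.0.0/24). It does three things a practitioner would want beyond "promote a second DC": it models both locations in AD Sites and Services so that workstations, Exchange and SQL at each site authenticate against their local DC instead of crossing the VPN, it promotes the datacenter box into the existing domain rather than a new forest, and it verifies replication afterwards. Run the site/subnet part on the existing DC as a Domain Admin once the site-to-site VPN is up and the firewall allows AD traffic between the two DC subnets (DNS 53, Kerberos 88, RPC 135 plus the dynamic range 49152-65535, LDAP 389/636, SMB 445, GC 3268/3269); scoping the VPN ACL to those ports between the server subnets, rather than allowing everything, is the check to add before promotion.

```powershell
# Added example, not from the original answer. Assumed names:
#   domain   corp.example.com
#   Office   10.10.0.0/24   existing DC: OFFICE-DC1
#   DC       10.20.0.0/24   new DC to promote: REMOTE-DC1
# Part 1 and part 3 run on OFFICE-DC1 (or any DC); part 2 runs on REMOTE-DC1.

Import-Module ActiveDirectory

# --- Part 1: describe the two locations so AD knows which DC is "local" -----
# Rename the default site to something meaningful and add the datacenter site.
Get-ADReplicationSite -Identity 'Default-First-Site-Name' |
    Rename-ADObject -NewName 'Office'
New-ADReplicationSite -Name 'DC'

# Subnets map a client's IP to a site; without these, every client is
# "siteless" and may pick the DC on the far side of the VPN for logon.
New-ADReplicationSubnet -Name '10.10.0.0/24' -Site 'Office'
New-ADReplicationSubnet -Name '10.20.0.0/24' -Site 'DC'

# Put both sites on the existing site link and set a scheduled inter-site
# replication interval (15 minutes is the minimum the KCC allows).
Get-ADReplicationSiteLink -Identity 'DEFAULTIPSITELINK' |
    Set-ADReplicationSiteLink -SitesIncluded @{ Add = 'DC' } `
                              -ReplicationFrequencyInMinutes 15 -Cost 100

# --- Part 2: on REMOTE-DC1, join the EXISTING domain as a second DC ---------
# No new forest, no new domain: one directory, two domain controllers.
# -InstallDns gives the datacenter site a local DNS server for Exchange/SQL.
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Install-ADDSDomainController -DomainName 'corp.example.com' `
    -SiteName 'DC' `
    -InstallDns `
    -Credential (Get-Credential 'CORP\Administrator') `
    -SafeModeAdministratorPassword (Read-Host 'DSRM password' -AsSecureString) `
    -Force
# The server reboots as a DC and global catalog in site 'DC'.

# --- Part 3: verify after the reboot ----------------------------------------
# Every DC should show one inbound partner and zero failures.
repadmin /replsummary
Get-ADReplicationPartnerMetadata -Target 'REMOTE-DC1' |
    Select-Object Server, Partner, LastReplicationSuccess, LastReplicationResult

# Confirms the subnet-to-site mapping worked; run on a datacenter member server
# (e.g. the future Exchange box) and expect 'DC', on an office machine 'Office'.
nltest /dsgetsite
```

If `nltest /dsgetsite` reports the wrong site, or `repadmin /replsummary` shows a growing "largest delta", the usual cause is a missing subnet entry or a VPN/firewall rule that permits LDAP but not the RPC dynamic ports; fix that before placing Exchange or SQL at the remote site, since both rely on finding a reachable DC and global catalog in their own site.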