I want to set up a branch Windows 2008 connection. Mainly as lab work though.
I have a test Win 2008 at one lab, which is the main office.
I want to set the second DC at my other lab just 20 mins down the road. This will be again another Win 2008 DC.
As far as I know these are the steps.
1. Create VPN link first
- I checked on the router at the main site and it has a Netgear router, which allows you to create a VPN Policy.
- The other site has a Cisco router which allows for an IPsec policy.
2. Create new subnets and assign them to the appropriate sites
- The main site has a static IP and is 192.168.1.36/24
- The branch site will be sitting on a LAN that will probably be 192.168.1.52/24
3. Make sure that needed ports for AD replication are opened
- 636 (Secure Sockets Layer [SSL])
- 3268 (global catalog)
- SMB over IP 445
4. Set up the second DC, go to DNS and create reverse lookup zones
Point the first DNS on the second DC to itself and then alternative to the primary DC (labtest.com)
Install Remote desktop connection on the Second DC
- I was thinking would it be easier to configure the 2nd DC at the main office first, then ship it? I want it to be on the existing Domain, with the same domain name (peer domain or additional DC) e.g. labtest.com
- Or would it be best to set it as a member server, then ship to my other test lab and then remote to it and dcpromo?
5. Setup the new DC as a GC and wait for replication.
Am I missing anything? I could go for an RODC on the branch lab, but I am going to decommission the thing, so security is not going to be a problem. I am mainly just doing this for test purposes.
Also, do I need to set up any trusts?
Sorry for asking so many questions in one go. Hope someone out there can help.
Thanks in advance.
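
An added example, not part of the original post: a check of the step 2 subnet plan against the two addresses as posted, since a routed site-to-site tunnel and AD site-to-subnet mapping both need each LAN to be a distinct network. The `RENUMBERED` plan (branch on 192.168.2.0/24) and all function names are constructed for illustration.

```python
import ipaddress

# Addresses exactly as written in step 2 of the post (host/prefix form).
POSTED = {"main": "192.168.1.36/24", "branch": "192.168.1.52/24"}
# Constructed alternative (assumption): branch LAN renumbered to another /24.
RENUMBERED = {"main": "192.168.1.36/24", "branch": "192.168.2.52/24"}


def site_networks(sites):
    """Map each site name to the network its host/prefix address sits in."""
    return {name: ipaddress.ip_interface(addr).network
            for name, addr in sites.items()}


def overlapping_sites(sites):
    """Return (site_a, site_b, net_a, net_b) for each pair of overlapping LANs."""
    nets = sorted(site_networks(sites).items())
    clashes = []
    for i, (name_a, net_a) in enumerate(nets):
        for name_b, net_b in nets[i + 1:]:
            if net_a.overlaps(net_b):
                clashes.append((name_a, name_b, str(net_a), str(net_b)))
    return clashes


def sites_for_host(host, sites):
    """Sites whose subnet contains host at the longest matching prefix.

    More than one name means the host cannot be placed in a single site.
    """
    ip = ipaddress.ip_address(host)
    hits = [(net.prefixlen, name)
            for name, net in site_networks(sites).items() if ip in net]
    if not hits:
        return []
    longest = max(prefix for prefix, _ in hits)
    return sorted(name for prefix, name in hits if prefix == longest)


if __name__ == "__main__":
    for label, plan in (("as posted", POSTED), ("renumbered", RENUMBERED)):
        print(label, "overlaps:", overlapping_sites(plan) or "none")
        print("  192.168.1.52 ->", sites_for_host("192.168.1.52", plan))
```

With the posted addresses both sites resolve to 192.168.1.0/24, so a host such as 192.168.1.52 matches both; with the renumbered plan each host maps to exactly one site.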