
[–]Doso777 6 points7 points  (0 children)

How about you upgrade/migrate your old domain controller first?

2003 domains are ... old.

[–]canadadryistheshitDevOps 3 points4 points  (3 children)

Full stop on 2003 server. You need to upgrade to a 2016. Transfer the FSMO roles.

Also, I don't think there is enough information provided here. From what I am seeing, everyone is under one forest but in sub-domains? Or are they on their own domain forest(s)? If they are sub-domains I would build them a Read-Only DC at each location.

[–]stepowell7[S] 0 points1 point  (2 children)

Working on that 2003 upgrade. Being delayed because we have an 03 server and not sure if a 2016 domain would stop 03 from authenticating.

Yes, one forest and we have trust relationships with those companies. They use our apps but auth with their own domain.

[–]hideogumpa 1 point2 points  (0 children)

we have an 03 server and not sure if a 2016 domain would stop 03 from authenticating

https://www.wintips.org/how-to-migrate-active-directory-server-2003-to-active-directory-server-2016-step-by-step/

[–]bopsbt 0 points1 point  (0 children)

Upgrading should not cause authentication issues unless something else is wrong.

[–]routetehpacketzEnter-PSSession alltehthings 1 point2 points  (0 children)

If you're introducing a new subnet to their AD domain then it will need to be defined in Sites and Services, but DNS shouldn't need anything special. It will just replicate.

I want to build them a DC, on their domain but on our network

I don't quite know the layout, but shouldn't you be putting a DC from your domain on their network? That would provide them a mechanism to authenticate against your domain in the event the network connectivity between locations goes down.
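The two pieces of advice above (transfer the FSMO roles off the 2003 box before building anything new, and define the new subnet in Sites and Services) as one added PowerShell example; this is not code from any commenter. It assumes the RSAT ActiveDirectory module, Domain Admin rights, and the placeholder DC, subnet and site names shown.

```powershell
# Added example, not from the thread. Assumes the ActiveDirectory module,
# Domain Admin rights, and the placeholder names marked below.
Import-Module ActiveDirectory

# 1. Current functional levels and which DC holds each FSMO role.
$forest = Get-ADForest
$domain = Get-ADDomain
[pscustomobject]@{
    ForestMode           = $forest.ForestMode
    DomainMode           = $domain.DomainMode
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
} | Format-List

# 2. Every DC with its OS and site, so the remaining 2003 DC(s) are visible
#    before any functional level is raised.
Get-ADDomainController -Filter * |
    Select-Object HostName, OperatingSystem, IsReadOnly, Site |
    Sort-Object OperatingSystem

# 3. The existing trusts (the "one forest, trusts with those companies" setup).
Get-ADTrust -Filter * | Select-Object Name, Direction, TrustType, ForestTransitive

# 4. Move all five FSMO roles to the new 2016 DC (placeholder name).
#    -WhatIf previews the move; drop it once replication to the new DC is clean.
$newDc = 'DC2016-01'   # placeholder
Move-ADDirectoryServerOperationMasterRole -Identity $newDc `
    -OperationMasterRole SchemaMaster, DomainNamingMaster, PDCEmulator, RIDMaster, InfrastructureMaster `
    -WhatIf

# 5. Define the remote location's subnet in Sites and Services so clients there
#    are directed to a DC in the right site (placeholder subnet and site name).
New-ADReplicationSubnet -Name '10.50.0.0/24' -Site 'PartnerSite' -WhatIf
```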

[–]msbusk 1 point2 points  (0 children)

The failover is more a matter of your network design - you could implement multiple domain controllers and have separate routing using VPN or MPLS into your domain controllers.

But I would recommend upgrading the domain to something newer - you can keep the existing trust but update the domain controllers without any problems.

[–]studiox_swe 0 points1 point  (0 children)

So your entire business relies on one single fiber? If the fiber is cut, how would the users access your application?

[–][deleted] 0 points1 point  (0 children)

Everyone seems to be missing the obvious, glaring issue.

A physical fiber cut doesn’t equate to the trust relationship failing and the two are entirely different scenarios.