Installing an Additional Domain Controller (ADC) to remote office\site over a slow WAN link

Installing an Additional Domain Controller (ADC) to remote office\site over a slow WAN link

Posted by Gaurav Sharma under Active Directory
Leave a Comment 

Installing an Additional Domain Controller (ADC) to remote office\site over a slow WAN link

Have you ever tried to install the Active Directory Services over a slower link say 64 Kbps? In more refined way we would say installing an Additional Domain Controller to one of your remote office (site) to which the WAN connectivity is very slow…… If you need to install then Windows Server 2003 has a very good feature using which you don’t have to wait for entire Active Directory data to be replicated.

One of the foremost annoyances of installing Active Directory in Windows 2000 was installing a domain controller at a remote site….and then waiting interminably for the contents of the NTDS.DIT file to replicate over a slow WAN link. In Windows Server 2003, you now have the Install from Mediaoption, where you can install a new domain controller into an existing domain by using a System State Backup of an existing domain controller in that domain (You can only use this function to install additional domain controllers in an existing domain, not to create a new domain.). Using theInstall from Media options is a three-step process:

1. Create a System State backup of an existing Windows Server 2003 domain controller using the Windows Backup utility- this must be a server running Windows Server 2003 and not Windows 2000. Copy the BKF file to a CD, DVD, or some other portable media.
2. Log on to the 2003 server that you want to promote as domain controller more specifically additional domain controller. Before you run dcpromo,open the Windows Backup utility and restore the BKF file. While restoring the System State from the source DC, select the Restore Files to Alternate Location option, and place the restored System State data in a temporary folder on the server’s local hard drive.(Don’t place it in the folder that will actually house the NTDS.DIT file when you rundcpromo, or all kinds of confusion will ensue.)
3. Run dcpromo  /adv from the “Run” line of the new 2003 server. The  /adv switch will take you past the initial Welcome screen to the Additional Domain Controller for an existing domain screen. The next screen is where the magic happens: on the Copying Domain Information screen, select From these restored backup files, and point to the temp folder you created in step 2.

The remaining installation will proceed just like any other dcpromo. You will still need network connectivity to verify DNS and to authenticate as a Domain Admin, but the bulk of the heavy lifting will be handled by the local source files,  rather than going over the WAN.

Hope you will find the above content useful.