Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Re: Secondary AD question - Urgent
Re: Secondary AD question - Urgent [message #156084] Wed, 10 June 2009 09:07 Go to next message
Luiz  is currently offline Luiz
Messages: 119
Registered: July 2009
Senior Member
Hi Paul,

thank you for your response.
If you let me another question, just for curiosity, If the Additional AD is
not a PDC, how is it possible the users change their passwords or the
workstations join to the domain?

Best Regards.

Luiz

"Paul Bergson [MVP-DS]" wrote:

> Nope. I have done just that. Once you get your link up and running the DC
> at the remote site will replicate its changes as will the changes that have
> occured from the domain as well.
>
> Just make sure you aren't disconnected longer than 180 days, which is the
> tombstone lifetime.
>
> --
> Paul Bergson
> MVP - Directory Services
> MCTS, MCT, MCSE, MCSA, Security+, BS CSci
> 2008, 2003, 2000 (Early Achiever), NT4
>
> http://www.pbbergs.com
>
> Please no e-mails, any questions should be posted in the NewsGroup This
> posting is provided "AS IS" with no warranties, and confers no rights.
>
> "Luiz" <Luiz@discussions.microsoft.com> wrote in message
> news:1710E14D-99F2-4160-B317-C1B4CD2A6257@microsoft.com...
> > Hi,
> >
> > I have a question about Additional AD and if anyone can help me I
> > appreciate:
> > - I have an AD 2003 environment wiht one Primary AD that is holding all 5
> > FSMO┬┤s and several Additional AD sites.
> > I intend to add another AD in a remote site with low link so that I will
> > configure the AD in my local network and then transport it to the remote
> > site.
> > My remote site, the destiny of the Additional AD, will not have a link
> > with
> > principal site for one week but I intend join the workstations from the
> > remote site using that Additional AD, that will be a DNS Server as well.
> >
> > I have created an test environment and the workstations join in the
> > Additional AD but I would like to know if it will have some problem when
> > the
> > link with Primary add is on.
> >
> > Any concerend about it?
> >
> > Thanks for while.
> >
> > Luiz
>
>
>
Re: Secondary AD question - Urgent [message #156107 is a reply to message #156084] Wed, 10 June 2009 11:04 Go to previous messageGo to next message
pbbergs  is currently offline pbbergs  United States
Messages: 1024
Registered: July 2009
Senior Member
The password is changed locally and then replicated first to the pdce, since
it is unavailable it won't be able to change it until there is connectivity.
There is the problem that if a user changes remotely and travels to a
different site then they may be asked to change it again from the old to the
new and then you could get some issues where the password from the latest
change will take precedance but nothing will break.

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

"Luiz" <Luiz@discussions.microsoft.com> wrote in message
news:A5561841-1BCA-4C1E-83D6-301AB010E80F@microsoft.com...
> Hi Paul,
>
> thank you for your response.
> If you let me another question, just for curiosity, If the Additional AD
> is
> not a PDC, how is it possible the users change their passwords or the
> workstations join to the domain?
>
> Best Regards.
>
> Luiz
>
> "Paul Bergson [MVP-DS]" wrote:
>
>> Nope. I have done just that. Once you get your link up and running the
>> DC
>> at the remote site will replicate its changes as will the changes that
>> have
>> occured from the domain as well.
>>
>> Just make sure you aren't disconnected longer than 180 days, which is the
>> tombstone lifetime.
>>
>> --
>> Paul Bergson
>> MVP - Directory Services
>> MCTS, MCT, MCSE, MCSA, Security+, BS CSci
>> 2008, 2003, 2000 (Early Achiever), NT4
>>
>> http://www.pbbergs.com
>>
>> Please no e-mails, any questions should be posted in the NewsGroup This
>> posting is provided "AS IS" with no warranties, and confers no rights.
>>
>> "Luiz" <Luiz@discussions.microsoft.com> wrote in message
>> news:1710E14D-99F2-4160-B317-C1B4CD2A6257@microsoft.com...
>> > Hi,
>> >
>> > I have a question about Additional AD and if anyone can help me I
>> > appreciate:
>> > - I have an AD 2003 environment wiht one Primary AD that is holding all
>> > 5
>> > FSMO┤s and several Additional AD sites.
>> > I intend to add another AD in a remote site with low link so that I
>> > will
>> > configure the AD in my local network and then transport it to the
>> > remote
>> > site.
>> > My remote site, the destiny of the Additional AD, will not have a link
>> > with
>> > principal site for one week but I intend join the workstations from the
>> > remote site using that Additional AD, that will be a DNS Server as
>> > well.
>> >
>> > I have created an test environment and the workstations join in the
>> > Additional AD but I would like to know if it will have some problem
>> > when
>> > the
>> > link with Primary add is on.
>> >
>> > Any concerend about it?
>> >
>> > Thanks for while.
>> >
>> > Luiz
>>
>>
>>
Re: Secondary AD question - Urgent [message #156112 is a reply to message #156107] Wed, 10 June 2009 13:40 Go to previous message
Luiz  is currently offline Luiz
Messages: 119
Registered: July 2009
Senior Member
Thanks again, Paul.

Best Regards.

Luiz

"Paul Bergson [MVP-DS]" wrote:

> The password is changed locally and then replicated first to the pdce, since
> it is unavailable it won't be able to change it until there is connectivity.
> There is the problem that if a user changes remotely and travels to a
> different site then they may be asked to change it again from the old to the
> new and then you could get some issues where the password from the latest
> change will take precedance but nothing will break.
>
> --
> Paul Bergson
> MVP - Directory Services
> MCTS, MCT, MCSE, MCSA, Security+, BS CSci
> 2008, 2003, 2000 (Early Achiever), NT4
>
> http://www.pbbergs.com
>
> Please no e-mails, any questions should be posted in the NewsGroup This
> posting is provided "AS IS" with no warranties, and confers no rights.
>
> "Luiz" <Luiz@discussions.microsoft.com> wrote in message
> news:A5561841-1BCA-4C1E-83D6-301AB010E80F@microsoft.com...
> > Hi Paul,
> >
> > thank you for your response.
> > If you let me another question, just for curiosity, If the Additional AD
> > is
> > not a PDC, how is it possible the users change their passwords or the
> > workstations join to the domain?
> >
> > Best Regards.
> >
> > Luiz
> >
> > "Paul Bergson [MVP-DS]" wrote:
> >
> >> Nope. I have done just that. Once you get your link up and running the
> >> DC
> >> at the remote site will replicate its changes as will the changes that
> >> have
> >> occured from the domain as well.
> >>
> >> Just make sure you aren't disconnected longer than 180 days, which is the
> >> tombstone lifetime.
> >>
> >> --
> >> Paul Bergson
> >> MVP - Directory Services
> >> MCTS, MCT, MCSE, MCSA, Security+, BS CSci
> >> 2008, 2003, 2000 (Early Achiever), NT4
> >>
> >> http://www.pbbergs.com
> >>
> >> Please no e-mails, any questions should be posted in the NewsGroup This
> >> posting is provided "AS IS" with no warranties, and confers no rights.
> >>
> >> "Luiz" <Luiz@discussions.microsoft.com> wrote in message
> >> news:1710E14D-99F2-4160-B317-C1B4CD2A6257@microsoft.com...
> >> > Hi,
> >> >
> >> > I have a question about Additional AD and if anyone can help me I
> >> > appreciate:
> >> > - I have an AD 2003 environment wiht one Primary AD that is holding all
> >> > 5
> >> > FSMO┬┤s and several Additional AD sites.
> >> > I intend to add another AD in a remote site with low link so that I
> >> > will
> >> > configure the AD in my local network and then transport it to the
> >> > remote
> >> > site.
> >> > My remote site, the destiny of the Additional AD, will not have a link
> >> > with
> >> > principal site for one week but I intend join the workstations from the
> >> > remote site using that Additional AD, that will be a DNS Server as
> >> > well.
> >> >
> >> > I have created an test environment and the workstations join in the
> >> > Additional AD but I would like to know if it will have some problem
> >> > when
> >> > the
> >> > link with Primary add is on.
> >> >
> >> > Any concerend about it?
> >> >
> >> > Thanks for while.
> >> >
> >> > Luiz
> >>
> >>
> >>
>
>
>
Previous Topic:Movetree User, local profile issue Windows cannot log you on because your profile cannot be loaded..
Next Topic:Secondary AD question - Urgent
Goto Forum:
  


Current Time: Sat Oct 21 19:07:46 EDT 2017

Total time taken to generate the page: 0.02692 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software