SBS 2000 and SBS 2003: additional Domain Controllers

Good morning!

I just wanted to spread the word that in SBS 2000 and SBS 2003 environments
you can indeed have another Domain Controller ( so long as it is running
'just' Windows 2000 or Windows 2003 server and N*O*T SBS ) as long as that
additional Domain Controller is simply 'an additional Domain Controller in
an existing Domain'. In fact, for clarification you may have multiple
additional Domain Controllers

Furthermore, the SBS box needs to hold all five of the FSMO Roles ( Schema
Master, Domain Naming Master, PDC Emulator, RID Master and Infrastructure
Master ).

The other more common restriction is that there can be no Trust set up in an
SBS environment [ except, naturally, in the case whereby you set up a
temporary Trust ( seven days ) to migrate from SBS 2000 to SBS 2003, IIRC ].

There seems to be a common misconception that the SBS server is the only
allowed Domain Controller. This is simply not the case. Just understand
that the SBS box has to be the first Domain Controller ( as each
installation of SBS starts a new forest ) in the environment!

--
Cary W. Shultz
Roanoke, VA 24014
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com

 

Yep - all true. Sadly, most people probably won't read/search/lurk in the
newsgroups to find & read this before posting questions about same....

 

Hello Cary, I have done several deployments with additional DCs to SBS
envoirments for redundancy porpuse.

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services

No email replies please - reply in the newsgroup

 

I always thought that was stupid but have never dabbled in SBS much. I
guess everything you read on the internet is not true

--

Rodney Buike MCSE 2000/2003
http://thelazyadmin.com

 

Sure it is! Look, it's even got a nice font. It must be.

 

Agreed.

I guess that I started ( some three+ years ago ) simply looking through the
newsgroups at the posts and trying to find the answer on my own in the lab.
I then started searching for things ( such as 'replication' ) and became
quite used to searching first, then posting. That is not to say that I did
not sometimes post a question without looking for a similar topic ( and
reply ). I think that everyone does this sometimes. But a lot of people
would find answers within minutes were they to simply search first.

How many times do we see the topic - in one form or another - of 'account
lockout' or 'remove dead DC' or 'password policy' or 'Native Mode' each
week? It seems to me that the same seven or eight questions are asked every
week. I am not complaining. If people were to search before they posted
they would probably have an answer faster! Minutes instead of hours or
days! But it is all good!

--
Cary W. Shultz
Roanoke, VA 24014
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com



"Lanwench [MVP - Exchange]"

 

Yep - and google is everyone's friend.