Windows – Active Directory servers synchronization

active-directory windows windows-server-2008

I have 3 AD servers with Windows Server 2008 R2 at 3 different places: the main server is at the datacenter and 2 are in our local offices, which are at 2 different places.

I want to synchronize all 3 servers together, where the datacenter server should be the central server and the other 2 servers should sync with the datacenter server. Please provide us the steps or a tutorial to do this.

Also, we want changes made on one of the AD servers to be applied automatically on all the servers. For example, if I change a user's password on our local server, it should be updated on our main AD server and the other branch server too.

Please provide us the steps or a tutorial to do this ASAP.

I have one more question. I have already created the main datacenter AD as domain.local and the other domains as xyz.local and abc.local. How can I replicate the additional AD domains with the main datacenter DC? Also, do we require a VPN connection, or is there any other way to replicate the servers without using a VPN connection?

Best Answer

> we want that once the changes are done in 1 of the AD servers the changes are automatically done in all the servers

You don't need to do anything. The standard Active Directory topology does this automagically.

> I want to synchronize all the 3 servers together, w[h]ere datacenter server should be central server and rest 2 servers should sync with the datacenter server.

If you want to explicitly enforce that all changes MUST be replicated through the "central" server, and not directly from node-to-node, you can do this. Have a poke around in the Active Directory Sites and Services MMC, as this is where the replication rules are controlled from.

What you need to do is set up all of the physical sites as sites in Sites and Services, and then move each domain controller into its appropriate site. Then, expand each domain controller and go to its NTDS settings. From here you can either delete or create new links between the domain controllers.

What you want to do is have each domain controller contact each other domain controller that is in the same site (so servers within each physical location sync immediately with each other), and then create an additional connection to the central domain controller.

Also, I have the main domain, say for example xyz.local, and two additional domain controllers. How can I synchronize them with .local domains? How can we replicate it? Do we require a VPN connection in order to replicate the data of xyz.local to our other branch domain controller?
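
A read-only check of the connection layout described in the answer, added here as an example (it is not part of the original question or answer). It lists every inbound replication connection in the forest and flags cross-site links that bypass the central site; the site name `Datacenter` is an assumption, and the script uses the .NET `System.DirectoryServices.ActiveDirectory` classes so it runs on the PowerShell 2.0 shipped with Server 2008 R2.

```powershell
# Added example: audit replication connection objects against a hub-and-spoke design.
# $HubSite is an assumed name; set it to the site that holds the central DC.
$HubSite = 'Datacenter'

$forest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()

# Map each domain controller name to the site it was moved into in Sites and Services.
$siteOf = @{}
foreach ($site in $forest.Sites) {
    foreach ($dc in $site.Servers) { $siteOf[$dc.Name] = $site.Name }
}

$report = foreach ($site in $forest.Sites) {
    foreach ($dc in $site.Servers) {
        # Connection objects are one-way: each describes where this DC pulls changes from.
        foreach ($conn in $dc.InboundConnections) {
            $srcSite = $siteOf[$conn.SourceServer]
            if (-not $srcSite) {
                # Source name did not match any DC in the map; needs a manual look.
                $srcSite = 'unknown'
                $verdict = 'CHECK: source server not found in any site'
            } elseif ($srcSite -eq $site.Name) {
                $verdict = 'ok: same-site link'
            } elseif ($srcSite -eq $HubSite -or $site.Name -eq $HubSite) {
                $verdict = 'ok: link to or from the hub site'
            } else {
                $verdict = 'REVIEW: branch-to-branch link bypasses the hub'
            }
            New-Object PSObject -Property @{
                Destination     = $dc.Name
                DestinationSite = $site.Name
                Source          = $conn.SourceServer
                SourceSite      = $srcSite
                GeneratedByKcc  = $conn.GeneratedByKcc
                Verdict         = $verdict
            }
        }
    }
}

$report |
    Select-Object Destination, DestinationSite, Source, SourceSite, GeneratedByKcc, Verdict |
    Sort-Object Verdict, Destination |
    Format-Table -AutoSize
```

Run it from a domain-joined machine with an account that can read the forest configuration; it only reads connection objects and changes nothing.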
