Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
Dmitry Volkhontsev2015-07-30 10:03:37
Active Directory
Dmitry Volkhontsev, 2015-07-30 10:03:37

Somebody can prompt answers to some questions on AD?

Good day to all.
There are several questions about AD, tell me the answers to them:
1. Do I need to remove it from the domain when reinstalling Windows on a client computer if the client's dns name does not change in the end?
2. Do I need to remove the client computer from the domain when renaming it?
3. There is such a structure - the head office with the main DC and several additional offices within the same city, in which there are additional DCs. What is the best way to set up replication, place all DCs in one site or create a separate site for each office? At the moment, each DC is on its site, and between each add. DC and master are configured with a separate connection. Whether it is necessary to leave so or it is better to configure one communication between all DC?
4. Is there any way, let's say, to bind an OU to a security group? So that all users who fall into a specific OU are automatically placed in the correct security group?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
A
athacker, 2015-07-30
@DarkDD

3. The site is for this and the site is to give AD an understanding of the structure of your network. The replication parameters will depend on this, and, for example, such things as choosing a controller for authorization. If you make one site, then your users from the branch can log in to the "head" controller, or to any controller from another branch. Those. authorization will go through WAN channels, and will take the appropriate time.
Therefore, according to Feng Shui, you need to do as you have done now - each branch with its own controller is a separate site.
Yes, and the "principality" of the DC in the current structure of AD is a rather relative concept, now all controllers are equal. The difference can only be in the presence / absence of roles or a global catalog on a specific DC, but otherwise everyone is equal.

Report
O
oia, 2015-07-30
@oia

1 no
2 yes
3 separate site? and a replica with all ds

Similar questions
E
Evgeny Ferapontov2016-04-19 16:55:59
How to avoid a "race condition" after crashing a server rack with Hyper-V over SMB 3.0 deployed? 1Reply
C
ChiPer2014-02-12 12:09:23
How to replace a failed AD controller from 2008 to 2012? 3Reply
R
rinx2014-02-19 10:30:23
Why did the Sysvol and Netlogon folders disappear on one of the domain controllers? 1Reply
M
Modif2016-04-26 21:20:48
Prevention of monitoring a computer in a domain? 8Reply
I
Ivan2016-04-28 16:13:13
Why is the new certificate template not visible? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question