Looking for an Active Directory guru for some advice

[Uncle Toxie]

I just started a new job and inherited the Active Directory setup from hell. So I am in the process of cleaning up this mess but I have a big project that needs to get done and it is way beyond my scope of knowledge as far as AD is concerned.

Here is what I have; two W2K Active Directory servers in two different cities on two different subnets (192.168.1.x and 192.168.2.x). The two sites are connected by VPN via Cisco Pix 501's.

I am at domain 1 and the remote site is domain 2, they have different domain names also. I can browse to domain 2 using the UNC (domain 2 or even 192.168.2.x) I can not see the other domain listed under My Network Places.

I have replecation software that I need to use to replicate data from a server on domain 2 to the server on domain 1 and it can only use what is listed in My Network Places.

If there is anyone that can help me solve this I will be forever in your debt!

[mubix]

Are they both set up as domain masters? aka forest roots? If so, you are in for a shit storm and I would rebuild with 3 servers, the two already in place and a third you can make the domain master, or forest root, because that server will be burdened enough.

[Uncle Toxie]

Right now each server is only a domain controller for it's domain. As far as I can tell there is no forest at all. There is a two way trust between both domains but no forest.

[mubix]

Create the forest, you'll thank me later

[Uncle Toxie]

How 'bout I thank you now?

I owe you huge for this Mubix. I had what could barely be called a class in AD that I ended up knowing more than the instructor ( and I know close to jack and shit) and I had this tossed in my lap on my second day of work.

I guess it is true that the best way to learn is to get in there and do it.

[mubix]

No problem, it is my job as the resident ____________

A) God

B) Demi-God

C) Expert

D) Linux Guru

E) Geek

F) Bored dumbass

G) newb

[Uncle Toxie]

I don’t suppose you can recommend a book or two on managing AD 2K?

[mubix]

The Microsoft one. They all read horrible, but you get the most extensive wealth of knowledge on it.

[Uncle Toxie]

:( *sigh*

I swear to God this is going to kill me. I have ordered the O'Riely book (it was hella cheap) but it won't be here for two weeks at best. For some reason the global interweb has betrayed me.

I have spent the bulk of this weekend trying to figure out how to add an existing domain on one subnet to the forest of another existing domain on a another subnet. Nothing, nada, zip. I have officialy lost my ability to use Google, and I have a migrain the size of Texas.

Please, for the love of anything, if someone knows how to, or knows a site that explains how to do this I will......... well hell I dunno what, but damnit I am about to put my fist through a monitor :x

[VaKo]

I'm a complete n00b at active directory, just been watching some videos on it so far. But is this any help?

http://www.microsoft.com/downloads/details...;displaylang=en

[Sparda]

Setting up a single DC AD is piss easy, securing it not as easy, setting up a multi DC AD = hell :P

[Uncle Toxie]

Setting up a single DC AD is piss easy, securing it not as easy, setting up a multi DC AD = hell :P

Your telling me, I can do one of them in my sleep but getting these to fu&^$% things to join up is beyond me.

[mubix]

Piece of cake. just takes a bit o' panash