|
View Full Version : Lab Setup
I am running W2K with AD with 100 users all on a 192.168.1.0 subnet. I
want to setup a lab environment with a new AD and a few workstations
to test with. I need my default gateway on this to go out and get
updates etc. But I don't want my production AD to see my lab AD. What
would I need to setup a subnet for the lab environment?
|
If you are just using gateway to go trough router out to the internet it is
not necesary true, that your production enviroment can see your LAB network,
as the route must be two way. I don't think, that there will be any problem
with this setup.
--
Regards
Matjaz Ladava, MCSA, MCSE, MCT, MVP
Microsoft MVP Windows Server - Active Directory
matjaz@ladava.com, matjazl@mvps.org
"Pat" wrote in message
news:q54n30d5gce7p0l8jtbd0j9urg2fsbk9l3@4ax.com...
>I am running W2K with AD with 100 users all on a 192.168.1.0 subnet. I
> want to setup a lab environment with a new AD and a few workstations
> to test with. I need my default gateway on this to go out and get
> updates etc. But I don't want my production AD to see my lab AD. What
> would I need to setup a subnet for the lab environment?
|
On Tue, 24 Feb 2004 21:06:52 +0100, "Matjaz Ladava [MVP]"
wrote:
>If you are just using gateway to go trough router out to the internet it is
>not necesary true, that your production enviroment can see your LAB network,
>as the route must be two way. I don't think, that there will be any problem
>with this setup.
so I could put the lab on the same subnet as my production network?
setup another AD forest and use both on same subnet?
|
On Tue, 24 Feb 2004 21:06:52 +0100, "Matjaz Ladava [MVP]"
wrote:
>If you are just using gateway to go trough router out to the internet it is
>not necesary true, that your production enviroment can see your LAB network,
>as the route must be two way. I don't think, that there will be any problem
>with this setup.
what would happen to AD if I throw another AD server on the same
subnet? would they try to join one another? would trusts have to be
setup for them to communicate? I want them to be totally independent
of each other, one for testing one being my live AD.
|
I would put a lab enviroment on separate subnet. Depending on how you setup
your lab enviroment, you can not have two domains with the same netbios name
on the same subnet.
--
Regards
Matjaz Ladava, MCSA, MCSE, MCT, MVP
Microsoft MVP Windows Server - Active Directory
matjaz@ladava.com, matjazl@mvps.org
"Pat" wrote in message
news:rsdn30t3n75o5cj6p3ejo1b6aektlrjeq2@4ax.com...
> On Tue, 24 Feb 2004 21:06:52 +0100, "Matjaz Ladava [MVP]"
> wrote:
>
>>If you are just using gateway to go trough router out to the internet it
>>is
>>not necesary true, that your production enviroment can see your LAB
>>network,
>>as the route must be two way. I don't think, that there will be any
>>problem
>>with this setup.
> what would happen to AD if I throw another AD server on the same
> subnet? would they try to join one another? would trusts have to be
> setup for them to communicate? I want them to be totally independent
> of each other, one for testing one being my live AD.
|
what I have now is the following
Production network:
W2K with AD and 100 users. on a 192.168.1.0 subnet.
Lab network:
W3K Ras server joined to production network for routing
nic #1 192.168.1.241
nic #2 10.100.0.1
lab network on 10.100.0.0 subnet
lab xp WS 10.100.0.2
lab W3K server 10.100.0.3
can see production network from lab network.
my question is . if I setup a new AD forest on lab network, will it
affect my production AD by default. I want the two to be separate?
On Tue, 24 Feb 2004 22:18:00 +0100, "Matjaz Ladava [MVP]"
wrote:
>I would put a lab enviroment on separate subnet. Depending on how you setup
>your lab enviroment, you can not have two domains with the same netbios name
>on the same subnet.
|
no it won't.
--
Regards
Matjaz Ladava, MCSA, MCSE, MCT, MVP
Microsoft MVP Windows Server - Active Directory
matjaz@ladava.com, matjazl@mvps.org
"Pat" wrote in message
news:ljiu30ljrrk376jdsamvm1t8u5h254isnm@4ax.com...
> what I have now is the following
> Production network:
> W2K with AD and 100 users. on a 192.168.1.0 subnet.
>
> Lab network:
> W3K Ras server joined to production network for routing
> nic #1 192.168.1.241
> nic #2 10.100.0.1
> lab network on 10.100.0.0 subnet
>
> lab xp WS 10.100.0.2
> lab W3K server 10.100.0.3
>
> can see production network from lab network.
> my question is . if I setup a new AD forest on lab network, will it
> affect my production AD by default. I want the two to be separate?
>
> On Tue, 24 Feb 2004 22:18:00 +0100, "Matjaz Ladava [MVP]"
> wrote:
>
>>I would put a lab enviroment on separate subnet. Depending on how you
>>setup
>>your lab enviroment, you can not have two domains with the same netbios
>>name
>>on the same subnet.
>
|
On Fri, 27 Feb 2004 08:58:21 -0500, Pat wrote:
>what I have now is the following
>Production network:
> W2K with AD and 100 users. on a 192.168.1.0 subnet.
>
>Lab network:
>W3K Ras server joined to production network for routing
>nic #1 192.168.1.241
>nic #2 10.100.0.1
>lab network on 10.100.0.0 subnet
>
>lab xp WS 10.100.0.2
>lab W3K server 10.100.0.3
>
>can see production network from lab network.
>my question is . if I setup a new AD forest on lab network, will it
>affect my production AD by default. I want the two to be separate?
>
What Matjaz says. When you install Windows 2000 on the first machine
on the lab network, you just tell it to create a new forest and a new
domain in that forest. It is then totally seperate from your other
forest.
Cheers,
Cliff
(MVP)
|
Matjaz,
I would have to setup a trust "IF" I wanted the two forests to access
each other, is that right?
On Sat, 28 Feb 2004 00:31:34 +0100, "Matjaz Ladava [MVP]"
wrote:
>no it won't.
|
>What Matjaz says. When you install Windows 2000 on the first machine
>on the lab network, you just tell it to create a new forest and a new
>domain in that forest. It is then totally seperate from your other
>forest.
>
>Cheers,
>
>Cliff
>
>(MVP)
Cliff,
any DNS issues having two DNS servers?
|
Yup you would have to, but I don't think that you would alow lab accounts to
access your domain data ? or would you ?
--
Regards
Matjaz Ladava, MCSA, MCSE, MCT, MVP
Microsoft MVP Windows Server - Active Directory
matjaz@ladava.com, matjazl@mvps.org
"Pat" wrote in message
news:4iv040dtfv39k97skarlr4ccln8pfe1mh1@4ax.com...
> Matjaz,
> I would have to setup a trust "IF" I wanted the two forests to access
> each other, is that right?
>
> On Sat, 28 Feb 2004 00:31:34 +0100, "Matjaz Ladava [MVP]"
> wrote:
>
>>no it won't.
>
|
On Sat, 28 Feb 2004 08:52:43 -0500, Pat wrote:
>
>>What Matjaz says. When you install Windows 2000 on the first machine
>>on the lab network, you just tell it to create a new forest and a new
>>domain in that forest. It is then totally seperate from your other
>>forest.
>>
>
>Cliff,
>any DNS issues having two DNS servers?
>
Mmm, can you expand on that? A DNS server can serve as many Domains as
you need, but if you have AD Integrated DNS, replication will only be
within that Domain, I believe.
DNS is not tied to a Domain, except for replication as above. The only
AD requirements for DNS are that it supports SRV records and more
importantly that it can be located by AD to do lookups. (I simplify a
little!) It doesn't *have* to reside within a Domain, a forest, or
even an organisation. It could be on the moom if your AD could find it
and it supports SRV records.
Of course most people will have DNS servers within their
organisations, and almost always on servers within their trees, but
often the only DNS really needed is a couple of DNS servers in the
root Domain of the tree. All subdomains can then use those servers.
I find it really useful to think of DNS being a seperate entity from
AD, even if it contains the AD records and resides on a
domain/tree/forest server. A lot of the type of question you asked
tend to go away if you think of it that way.
I don't know if I've answered the question in there. If not can you
give more details?
Cheers,
Cliff
(MVP)
|
|
|
|