Hi there, Please bear with me for I have a (relatively) complicated setup plan which my friend and I are in the midst of working out presently. We are working on learning Active Directory inside and out using Windows Server 2003 Std as well as various clients. We wish to setup our homes with a PDC each for our domains and then delegate trusts to one another for sharing purposes. Following this, we wish to setup ISA servers and then create a VPN tunnel to make all of this possible. Whilst I do have a good general idea about how to go about doing this, there is much that I am missing in my knowledge. For example, how do we allow one another to see and use the DNS servers (my house to my friends and allow Zone Transfers) We will be using Dynamic DNS in place of Static IP Addresses. We were hoping to create just one domain with multiple OU's and then excersice Group Policies in order to accomplish our needs. So, I wish to also add thatt I have a Windows Server 2003 AD domain (home.local) configured and working presently. How do I add my friend to my domain and allow connectivity with minimum administrative efforts. Thank you for all responses in advance. Will provide more info upon request. Hope this is clear. Darin Luckie

Ok, first lesson: "PDC" is not part of an active directory domain. The term PDC (primary domain controller) is Windows NT 4.0 (and earlier) nomenclature. While there is a PDC FSMO role, this is not the same thing. AD domains have DC's (domain controllers). Your assignment for today is to research Active Directory Domain Controller's on microsoft's website, or in text books if you already have some, and find out why they are called DC's and not PDC/BDC. Whilst I do have a good general idea about how to go about doing this, there is much that I am missing in my knowledge. I'm all for learning on your own. However, to do a proper job of it, you can't just rely on stumbling through things and hoping you'll find the answers as you go. The best thing you can do is get some good text books and get yourself over to microsoft's website and start doing some serious research and reading. I can tell from the fact that you used the term "PDC", that you do not have enough base knowledge to do what it is you wish to do. Generally speaking, one does the required reading/research before attempting to lab things out. Having lots of good bookmarks and text books on hand gives you reference materials when you screw up (and you will...as did we all while we were learning). You're kind of putting the cart ahead of the horse here and are not ready to do what you are asking about. You need to learn to walk before you start trying to run.

I understand the different between using the term's PDC/BDC and DC's in a 2k/2k03/2k08 environment versus the old NT term from years back. It goes back to the fact that a PDC and BDC were diferenciated as RW and RO (read-write and read-only, respectively). Whilst you may or may not beleive that I have insufficient knowledge to accomplish this task, I simply disagree based on my past few years of working with networks of various sizes and for a plethora of purposes. Nevertheless, in all my experience, I have not yet configured an AD Domain which spans more than one geographical site (that is, larger than one building) and therefore was simply asking for some guidance on how to configure the VPN aspect so that the two sites will have connectivity one with another. Moreover, I wrote this initial post during class and was in the middle of a discussion of the matter with a friend and therefore did not notice my addition of PDC and BDC, howbeit I understand the reason for one to jump to false conclusions regarding the matter. Lastly, whilst technology books are a wonderful place to seek and gain knowledge about the basics as well as learning more advantced skills; rarely, if ever do I find the them instructions on how to go about implementing a plan that I have set with specific details and have yet to find a document in the MS KB regarding "Setting up and configuring a VPN to establish multi-site connectivity for your Active Directory." Lastly, I thank you for the response and can only say that I am indeed frustrated. While I apreciate many people here directing me towards Google and the MS KB, I confess that prior to every post I make, I check out and research those (among others) sources for help. I come here to ask for a question hoping and with the understanding that a forum is for those seeking an answer to a "specific" problem, rather than to run before walking as you mentioned. Indeed, by this I certainly mean no disrespect nor anything of that sort. Alas, I cannot say I am not disapointed for seeking a simply answer and yet again being directed to "gain knowledge and visit Microsoft's website and technology books." Having read and continuing to read more and more in my search to grow in the knowledge that is in over-abundance in the IT field, I have realized that no one can know everything, yet we do what we can with what we know. "Talk is cheap". Best regards, Darin Darin Luckie

Hi, I am new here and i am very depressed by seeing this type of help..but i am with longman because he is right he is here because he need help and one who supposed to know should help him.I think Curt R is good person and he will ofcourse forget past post and will give him some fruitful help. Thanks If you are cruel to animal, you are cruel to human as well.

I do not disagree with the advice I was given by Curt R. in fact, quite the opposite, I am encouraged to be told the truth: We all need to study in order to grow in the knowledge of whatever field we choose to set our minds and hearts to(see 2 Tim 2:15). Nevertheless, my point was simply that I have a situation in which I desperately seeking an answer because (as I pointed in my previous post) I am unable to find direct and specific instructions in any text book that will guide me in accomplishing my goal. Moreover, it does not matter and I have found the answer I was seeking through research this morning. I simply hope that when someone else comes along seeking answers to a problem, they will indeed receive such as they have asked for. Nothing can replace the need for gaining more and more knowledge and therefore being shown as approved and worthy, but there is fault in us all...we are not perfect, nor will we ever be whilst on this earth. I wish everyone on this forum good luck and again hope to make it clear that while I disagree with the method withwhich some have chosen to answer questions (not only mine but others as well), I simply do not mean anything against anyone nor this forum. I firmly believe it to be just our inability to accept that we cannot do everything on our own and that is what I beleive a forum is here for. A community of people who share a common interest investing their own time and effort to provide for one another as needed and as requested. Not for us to direct everyone to Google and the MS Kb. Nevertheless, this is nothing but my two sense. "What you think doesn't matter; the sooner you learn that the happier you will be." God bless everyone and have a wonderful day. Darin Luckie