hi all,

we are strongly thinking to create a third site in azure and move the witness in for our DAG

We have 2 datacenters = 2 geographic sites = 2 AD sites/ Exchange 2010  migration exchange 2013 soon.

After reading this article  several questions spring to mind :

question 1 - MS put a DC in azure :

>Should we create a new ad site ????

> can we configure this dc in azure to be in ad site of Datacenter 1 or Datacenter 2.

> why should we put a dc in azure

question 2  - which networks ports should we open betwen Datacenter and azure ? ldap, DNS and  ???

Regards,



Hi,

 Azure plan based on your network plan and messaging integration purpose.  Please go through this link and plan accordingly..

Activate directory synchronization: http://technet.microsoft.com/en-us/library/dn144766.aspx

Set up your directory sync computer: http://technet.microsoft.com/en-us/library/dn144767.aspx

Regards,

RCYSSELVA

thanks 

so for exemple, if i want to put a simple file server in azure (no exchange purpose) in any case i should put a dc with ldap sync on azure ?

because...my file server in azure must be able through vpn to communicate with dns and ldap on prem

No DC in azure needed, right ?

• Edited by kimimcp 16 hours 50 minutes ago

thanks 

so for exemple, if i want to put a simple file server in azure (no exchange purpose) in any case i should put a dc with ldap sync on azure ?

because...my file server in azure must be able through vpn to communicate with dns and ldap on prem

No DC in azure needed, right ?

• Edited by kimimcp Monday, May 04, 2015 2:34 PM

thanks 

so for exemple, if i want to put a simple file server in azure (no exchange purpose) in any case i should put a dc with ldap sync on azure ?

because...my file server in azure must be able through vpn to communicate with dns and ldap on prem

No DC in azure needed, right ?

• Edited by kimimcp Monday, May 04, 2015 2:34 PM

thanks 

so for exemple, if i want to put a simple file server in azure (no exchange purpose) in any case i should put a dc with ldap sync on azure ?

because...my file server in azure must be able through vpn to communicate with dns and ldap on prem

No DC in azure needed, right ?

• Edited by kimimcp Monday, May 04, 2015 2:34 PM

thanks 

so for exemple, if i want to put a simple file server in azure (no exchange purpose) in any case i should put a dc with ldap sync on azure ?

because...my file server in azure must be able through vpn to communicate with dns and ldap on prem

No DC in azure needed, right ?

• Edited by kimimcp Monday, May 04, 2015 2:34 PM

nobody is able to tell us why should i put a DC in azure just because i m going to put a simple fsw ?

it does not make sense to put on cloud on your entire AD just for a witness server

thanks

Hi,

As far as I know, Active Directory automatically builds the most efficient intersite replication topology using information you provide (through Active Directory Sites and Services) about your site connections. The directory stores this information as site link objects. One domain controller per site, called the intersite topology generator, is assigned to build the topology. More details about How Active Directory Replication Topology Works, please refer to: https://technet.microsoft.com/en-us/library/cc755994(v=ws.10).aspx

A Witness server is only used when there is an even number of nodes in the DAG and only utilized when its needed to maintain quorum, but Exchange will want to configure one so that it can automatically adjust the quorum configuration as you add and remove nodes.
Also, you can use this server for other purpose.

Thanks

Take a look at Using an Azure VM as a DAG Witness Server.

as i understand, microsoft advice is tu put the witness in a  third physical site. they do not say it must be a different site AD... so no Dc needed.

the third site can be in the same ad site of datacenter 1 ou datacenter 2.no new AD site creation required.