This is my case: inside one building there are 3 different companies. Two of them are using an SBS 2003 server for file sharing and the Exchange role. We also have a dedicated Windows 2003 server for DNS and DHCP. We are trying to install a new SBS 2011 server with Exchange 2010 for the third company. All the computers are in the same network (192.168.100.0/24).

Problems:

1 - When I configured the new SBS it asked me to turn off DHCP on the router. I have done it. Then I was asked to turn off the other DHCP service (on Win 2003). I have done it. It is OK now for the new server, but the old clients are not able to log in to their domain if they get an IP address from the new server. I think the reason is that there are different domain suffixes: comp1.local, comp2.local.

Clients in the comp1.local domain are not able to log in to the comp1.local domain if they have the DNS suffix comp2.local. Or maybe I am wrong, but now I have switched off DHCP on both Win servers and enabled it inside the internet gateway. Now the login process is working fine. But (always there is a BUT) the old users are not able to enter into their post office on the old server.

OK, I figured it out. It was because of a wrong subnet mask (255.0.0.0 instead of 255.255.255.0). I switched the old DHCP/DNS back on and disabled it on the new SBS and inside the router, so my new SBS is not a DHCP server anymore. If it is a problem (as I think), how can I solve it?

Do I need to separate the two subnets with a router and place the servers and their clients in their own subnet? If yes, this is the way, somebody is working for both companies and using all the servers and two mailboxes (different servers).

2 - The building has got only one internet connection with one fixed external IP address, but inside we have got two SBS servers with similar roles. How can different users access the external services (for example OWA) from outside the company? Should I choose different ports in the router to redirect them to the proper server inside?


Thanks to both of you! If I use VLANs or switches, can I route browsing from one domain to another if needed? It is needed for some people who work in both domains...

I was wondering, what if we simply move the old companies' stuff to the new server? I mean all three companies are in one hand, but we need to differentiate between them, and there are some people who are working for only one, for two, etc. It means different working folders and permissions from person to person. Should we use one XCH2010 server for 3 external domains (I mean comp1.com, comp2.com, comp3.com)? The domain and email/web hosting service provider is the same for all 3, BTW. I hope yes, but I do not know how we can separate Web Workspaces, for example... So it is not 3 individual companies, but 3 semi-separated departments. Does it make sense?

sysadmin1138

2 Answers

You can have more than one SBS server running on the same network serving different companies, BUT you can only have DHCP running on one of them. When an SBS server detects another DHCP server it will shut its own DHCP service off. I've dealt with this a few times. I see two ways around this in your situation:

  1. Disable the DHCP service on all but one of the servers. For the clients who log on to the domains with the DHCP-disabled server you'll need to assign them static IP addresses. This is not the preferred method as it adds the administrative overhead of having to manually manage the IP addressing of each client. You'll also have to deal with the issue of all of the clients at each company being visible in Network Neighborhood or My Network Places, and you'll have to deal with the fact that you'll have one common broadcast domain for all of the clients and also potentially more risk of a malware infection on one client affecting clients at another company.

  2. Separate each company on to its own switch or configure VLANs on the current switch to separate each company. This will allow you to run the DHCP service on each server, serving the proper clients on the proper network, and will allow you to maintain the proper separation of companies. Each switch or VLAN will need its own router that uplinks to the main router, or you'll need to configure a trunk port on the router in the case of VLANs, or you'll need a separate router interface for each switch.

In either case, each company will need its own external IP address in order to facilitate forwarding RWW traffic to the appropriate SBS server.

joeqwerty
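
A way to sanity-check the per-company separation from option 2, as an added example that is not part of the answer above: it assumes the shared 192.168.100.0/24 is split into one /26 per company, with hypothetical gateway and DHCP server addresses and constructed client leases. It flags the symptoms described in the question: a DNS suffix from another domain, a wrong subnet mask, and a lease handed out by another company's DHCP server.

```python
import ipaddress

# Assumption: the shared /24 from the question is split into one /26 per
# company VLAN; the domain names follow the question's compN.local pattern.
PARENT = ipaddress.ip_network("192.168.100.0/24")
COMPANIES = ["comp1.local", "comp2.local", "comp3.local"]

def build_plan(parent=PARENT, companies=COMPANIES, new_prefix=26):
    """Map each company domain to its own subnet, gateway and DHCP server."""
    plan = {}
    for domain, net in zip(companies, parent.subnets(new_prefix=new_prefix)):
        hosts = list(net.hosts())
        plan[domain] = {"net": net, "gateway": hosts[0], "dhcp": hosts[1]}
    return plan

def audit_lease(lease, plan):
    """Return the list of problems found in one client's DHCP lease."""
    want = plan[lease["domain"]]
    problems = []
    if ipaddress.ip_address(lease["ip"]) not in want["net"]:
        problems.append("address outside company subnet")
    if ipaddress.ip_address(lease["mask"]) != want["net"].netmask:
        problems.append("wrong subnet mask")
    if lease["dns_suffix"] != lease["domain"]:
        problems.append("DNS suffix of another domain")
    if ipaddress.ip_address(lease["dhcp_server"]) != want["dhcp"]:
        problems.append("lease from another company's DHCP server")
    return problems

# Constructed sample leases, as they might be read from `ipconfig /all`.
LEASES = [
    {"host": "pc-a", "domain": "comp1.local", "ip": "192.168.100.10",
     "mask": "255.255.255.192", "dns_suffix": "comp1.local", "dhcp_server": "192.168.100.2"},
    {"host": "pc-b", "domain": "comp1.local", "ip": "192.168.100.70",
     "mask": "255.255.255.192", "dns_suffix": "comp2.local", "dhcp_server": "192.168.100.66"},
    {"host": "pc-c", "domain": "comp2.local", "ip": "192.168.100.80",
     "mask": "255.0.0.0", "dns_suffix": "comp2.local", "dhcp_server": "192.168.100.66"},
]

def audit_all(leases=LEASES):
    """Audit every lease against the plan; returns {host: [problems]}."""
    plan = build_plan()
    return {l["host"]: audit_lease(l, plan) for l in leases}

if __name__ == "__main__":
    for host, problems in audit_all().items():
        print(host, "OK" if not problems else "; ".join(problems))
```
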
If I remember correctly, then Microsoft state quite explicitly that you should not attempt to run more than one SBS in the same network. And you are now finding out why.

There are ways around that, but they do require a lot of work, and you will most likely not end up with an entirely satisfactory result. The only proper way out of this is by running the two SBS servers on separate networks, with a router to provide combined Internet access.

wolfgangsz