"jering" <jer***@discussions.microsoft.com> wrote in message
news:1BBFE86E-4339-4AAB-8A95-B0EB73043FF4@microsoft.com...
> Are there any problems related to moving domain controllers to other OU`s
> than the default container "Domain controllers"? As long as the policy
> "Default domain controller policy" are linked to the specific OU, I can`t
> see
> any problem...but I would like to get this confirmed.

"Andrei Ungureanu" wrote:

> I didn't knew that you can move the DCs out of the Domain Controllers OU.
>
> --
> Regards,
> Andrei Ungureanu
> www.eventid.net
> Test our new EventReader!
> http://www.altairtech.ca/eventreader/default2.asp?ref=au
>
> "jering" <jer***@discussions.microsoft.com> wrote in message
> news:1BBFE86E-4339-4AAB-8A95-B0EB73043FF4@microsoft.com...
> > Are there any problems related to moving domain controllers to other OU`s
> > than the default container "Domain controllers"? As long as the policy
> > "Default domain controller policy" are linked to the specific OU, I can`t
> > see
> > any problem...but I would like to get this confirmed.
>
>
>

> Are there any problems related to moving domain controllers to other OU`s
> than the default container "Domain controllers"? As long as the policy
> "Default domain controller policy" are linked to the specific OU, I can`t see
> any problem...but I would like to get this confirmed.

"Joe Richards [MVP]" wrote:

> You can do this but it isn't recommended. You may find products that
> assume incorrectly that all DCs are in the domain controllers OU.
>
> I have yet to see a good reason to move DCs. Most times people think
> they will do it to set up alternate policies for the DCs which is just
> silly thinking they can do special per DC delegation.
>
> What reason do you want to do it for?
>
> --
> Joe Richards Microsoft MVP Windows Server Directory Services
> Author of O'Reilly Active Directory Third Edition
> www.joeware.net
>
>
> ---O'Reilly Active Directory Third Edition now available---
>
>          http://www.joeware.net/win/ad3e.htm
>
>
>
> jering wrote:
> > Are there any problems related to moving domain controllers to other OU`s
> > than the default container "Domain controllers"? As long as the policy
> > "Default domain controller policy" are linked to the specific OU, I can`t see
> > any problem...but I would like to get this confirmed.
>

"jering" <jer***@discussions.microsoft.com> wrote in message
news:2D95306F-4EDF-4B03-B124-3D51D55D699E@microsoft.com...
> There is a policy setting DC1 as a NTP-server, and another policy enabling
> NTP-client pointing to DC1 as NTP-server. I wanted this client-policy to
> apply to DC2, but not to DC1, because that would point to itself as a
> NTP-client.
> That`s why I moved DC2 to a new OU where I applied the NTP-client policy.
> But I guess there are better ways to sync time between DC`s?
>
> --Jan Egil--
>
> "Joe Richards [MVP]" wrote:
>
>> You can do this but it isn't recommended. You may find products that
>> assume incorrectly that all DCs are in the domain controllers OU.
>>
>> I have yet to see a good reason to move DCs. Most times people think
>> they will do it to set up alternate policies for the DCs which is just
>> silly thinking they can do special per DC delegation.
>>
>> What reason do you want to do it for?
>>
>> --
>> Joe Richards Microsoft MVP Windows Server Directory Services
>> Author of O'Reilly Active Directory Third Edition
>> www.joeware.net
>>
>>
>> ---O'Reilly Active Directory Third Edition now available---
>>
>>          http://www.joeware.net/win/ad3e.htm
>>
>>
>>
>> jering wrote:
>> > Are there any problems related to moving domain controllers to other
>> > OU`s
>> > than the default container "Domain controllers"? As long as the policy
>> > "Default domain controller policy" are linked to the specific OU, I
>> > can`t see
>> > any problem...but I would like to get this confirmed.
>>

"Jorge de Almeida Pinto [MVP]" wrote:

> >>>>But I guess there are better ways to sync time between DC`s?
>
> well.....ehhh... yes there is.
>
> How about the default time sync mechanism that exists within an AD forest
>
> the only time config in each AD forest = the PDC FSMO of the Forest Root
> Domain. For everything else... use the default mechanism
>
> --
>
> Cheers,
> (HOPEFULLY THIS INFORMATION HELPS YOU!)
>
> # Jorge de Almeida Pinto # MVP Windows Server - Directory Services
>
> BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
> BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
> ------------------------------------------------------------------------------------------
> * This posting is provided "AS IS" with no warranties and confers no rights!
> * Always test before implementing!
> ------------------------------------------------------------------------------------------
> #################################################
> #################################################
> ------------------------------------------------------------------------------------------
> "jering" <jer***@discussions.microsoft.com> wrote in message
> news:2D95306F-4EDF-4B03-B124-3D51D55D699E@microsoft.com...
> > There is a policy setting DC1 as a NTP-server, and another policy enabling
> > NTP-client pointing to DC1 as NTP-server. I wanted this client-policy to
> > apply to DC2, but not to DC1, because that would point to itself as a
> > NTP-client.
> > That`s why I moved DC2 to a new OU where I applied the NTP-client policy.
> > But I guess there are better ways to sync time between DC`s?
> >
> > --Jan Egil--
> >
> > "Joe Richards [MVP]" wrote:
> >
> >> You can do this but it isn't recommended. You may find products that
> >> assume incorrectly that all DCs are in the domain controllers OU.
> >>
> >> I have yet to see a good reason to move DCs. Most times people think
> >> they will do it to set up alternate policies for the DCs which is just
> >> silly thinking they can do special per DC delegation.
> >>
> >> What reason do you want to do it for?
> >>
> >> --
> >> Joe Richards Microsoft MVP Windows Server Directory Services
> >> Author of O'Reilly Active Directory Third Edition
> >> www.joeware.net
> >>
> >>
> >> ---O'Reilly Active Directory Third Edition now available---
> >>
> >>          http://www.joeware.net/win/ad3e.htm
> >>
> >>
> >>
> >> jering wrote:
> >> > Are there any problems related to moving domain controllers to other
> >> > OU`s
> >> > than the default container "Domain controllers"? As long as the policy
> >> > "Default domain controller policy" are linked to the specific OU, I
> >> > can`t see
> >> > any problem...but I would like to get this confirmed.
> >>
>
>
>

> I`ll move it back to the default container then.
>
> "Jorge de Almeida Pinto [MVP]" wrote:
>
>>>>>> But I guess there are better ways to sync time between DC`s?
>> well.....ehhh... yes there is.
>>
>> How about the default time sync mechanism that exists within an AD forest
>>
>> the only time config in each AD forest = the PDC FSMO of the Forest Root
>> Domain. For everything else... use the default mechanism
>>
>> --
>>
>> Cheers,
>> (HOPEFULLY THIS INFORMATION HELPS YOU!)
>>
>> # Jorge de Almeida Pinto # MVP Windows Server - Directory Services
>>
>> BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
>> BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
>> ------------------------------------------------------------------------------------------
>> * This posting is provided "AS IS" with no warranties and confers no rights!
>> * Always test before implementing!
>> ------------------------------------------------------------------------------------------
>> #################################################
>> #################################################
>> ------------------------------------------------------------------------------------------
>> "jering" <jer***@discussions.microsoft.com> wrote in message
>> news:2D95306F-4EDF-4B03-B124-3D51D55D699E@microsoft.com...
>>> There is a policy setting DC1 as a NTP-server, and another policy enabling
>>> NTP-client pointing to DC1 as NTP-server. I wanted this client-policy to
>>> apply to DC2, but not to DC1, because that would point to itself as a
>>> NTP-client.
>>> That`s why I moved DC2 to a new OU where I applied the NTP-client policy.
>>> But I guess there are better ways to sync time between DC`s?
>>>
>>> --Jan Egil--
>>>
>>> "Joe Richards [MVP]" wrote:
>>>
>>>> You can do this but it isn't recommended. You may find products that
>>>> assume incorrectly that all DCs are in the domain controllers OU.
>>>>
>>>> I have yet to see a good reason to move DCs. Most times people think
>>>> they will do it to set up alternate policies for the DCs which is just
>>>> silly thinking they can do special per DC delegation.
>>>>
>>>> What reason do you want to do it for?
>>>>
>>>> --
>>>> Joe Richards Microsoft MVP Windows Server Directory Services
>>>> Author of O'Reilly Active Directory Third Edition
>>>> www.joeware.net
>>>>
>>>>
>>>> ---O'Reilly Active Directory Third Edition now available---
>>>>
>>>>          http://www.joeware.net/win/ad3e.htm
>>>>
>>>>
>>>>
>>>> jering wrote:
>>>>> Are there any problems related to moving domain controllers to other
>>>>> OU`s
>>>>> than the default container "Domain controllers"? As long as the policy
>>>>> "Default domain controller policy" are linked to the specific OU, I
>>>>> can`t see
>>>>> any problem...but I would like to get this confirmed.
>>
>>

"jering" <jer***@discussions.microsoft.com> wrote in message
news:1BBFE86E-4339-4AAB-8A95-B0EB73043FF4@microsoft.com...
> Are there any problems related to moving domain controllers to other OU`s
> than the default container "Domain controllers"? As long as the policy
> "Default domain controller policy" are linked to the specific OU, I can`t
> see
> any problem...but I would like to get this confirmed.