Hi there,
Why create a new domain? You don't actually need to do this unless you have a specific need. The new site can be in the same domain. In fact, unless you really have a good reason, I would urge you not to create a new domain. It just doubles the administrative burden and adds a level of complexity you don't need.
Create the VPN link between the two sites, and promote a DC. Make it a DNS server and a Global catalog.
This will act as the DC in the new site, but still in the same domain. You then configure AD Sites and Services as such:
1. Create a new site object to represent your new site.
2. Move the new server into the new site in the console.
3. Then you need to create subnet objects and associate them with the relevant site. Say site1 is on 192.168.1.0/24, then create a subnet object to represent this, and associate it with site1. Do this for every subnet you have.
After you have moved the server object, give it around 15 minutes for AD to think about the new layout and configure its connection objects.
Once you have done this, clients can use their local domain controller for DNS, and don't try to authenticate over the VPN. It also optimises replication across the link. Replication will occur according to the rules of the DEFAULTIPSITELINK object, in the 'Intra-Site Transports/IP' container. The default interval is 180 minutes, meaning that replication will occur every 180 minutes; you can change this as you wish.
Tony
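The same site/subnet configuration as a PowerShell script, added here as an example and not part of Tony's post. It assumes names that the post does not give: the existing site is "Site1" on 192.168.1.0/24, the new site is "Site2" on 192.168.2.0/24, and the new domain controller was already promoted as "DC2" with Install-ADDSDomainController -InstallDns (global catalog is on by default). It uses the ActiveDirectory module cmdlets (RSAT-AD-PowerShell) plus repadmin and nltest, and should be run with Domain Admins rights.

```powershell
# Added example, not from the original post. All site, subnet and server
# names below are assumptions; substitute your own.
Import-Module ActiveDirectory

$existingSite = 'Site1'   # assumption: name of the site your current DCs are in
$newSite      = 'Site2'   # assumption: the new VPN-connected site
$newDC        = 'DC2'     # assumption: hostname of the DC promoted at the new site
$subnets = @{             # assumption: one subnet per site, as in step 3 of the post
    '192.168.1.0/24' = $existingSite
    '192.168.2.0/24' = $newSite
}

# Step 1: create the site object for the new location (idempotent).
if (-not (Get-ADReplicationSite -Filter "Name -eq '$newSite'")) {
    New-ADReplicationSite -Name $newSite -Description 'Remote office over VPN'
}

# Step 2: move the new DC's server object into the new site.
Move-ADDirectoryServer -Identity $newDC -Site $newSite

# Step 3: create a subnet object per network and associate it with its site,
# so clients and the KCC can map an IP address to a site.
foreach ($cidr in $subnets.Keys) {
    if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$cidr'")) {
        New-ADReplicationSubnet -Name $cidr -Site $subnets[$cidr]
    }
}

# Instead of waiting ~15 minutes, ask the KCC to recompute connection objects
# now, then display the resulting replication partners of the new DC.
repadmin /kcc
repadmin /showrepl $newDC

# Inter-site replication across the VPN follows DEFAULTIPSITELINK; the default
# interval is 180 minutes. Lower it here if you want faster propagation
# (60 minutes is an arbitrary example value).
Set-ADReplicationSiteLink -Identity 'DEFAULTIPSITELINK' -ReplicationFrequencyInMinutes 60

# Verification: every DC should be in the expected site, the new DC should be a
# GC, and a DC-locator query for the new site should return the new DC.
Get-ADDomainController -Filter * | Select-Object Name, Site, IsGlobalCatalog, IPv4Address
Get-ADReplicationSubnet -Filter * | Select-Object Name, Site
nltest "/dsgetdc:$env:USERDNSDOMAIN" "/site:$newSite"
```

Run it on any DC or management host with RSAT installed; the Get-* checks at the end are safe to rerun at any time to confirm that the subnet-to-site mapping is complete, which is the part most often missed when a client at the remote office still authenticates over the VPN.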