AD design check

Hi I just need someone to check this example design.

5 sites in total on a single AD v2 Tree/domain all using Win2k3 servers and 2000/xp clients.

Site 1 = main HUB HQ/Datacentre
             250 users
             2 DC/Global Cat
             Exchange
             File & print
             Application servers

Site 2 = connected to site 1 via 768Kb Wan
             50 users
             1 DC/GLobal Cat
             Exchange
             File & print

Site 3 = connected to site 1 via 256Kb Wan
             10 users
             no local DC/Global Cat server - users authenticate to site 2's DC
             Nas File & print
             Users connect to Exchange at site 2



My concerns are with Site 3 really. Will this design hold up, will the site 3 users hammer the 256k line when accessing the global cat server on site 2? What would you recommend in this situation?

hotdiggetydawgAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

mikeleebrlaCommented:
Most people always have at least one DC with a copy of the GC at each site,,, that way if your WAN link goes down your users can still authenticate.  It all depends on how important uptime is in your business.  You have to weigh the cost/benifit of an additional DC at site 3 for only 10 users.
0
hotdiggetydawgAuthor Commented:
if it was decided that there was to be no DC/GC at site 3 would the 256 wan link be sufficient for access to the DC/GC (site 2) by the 10 site 3 outlook users?
0
mikeleebrlaCommented:
i think the 256 link would be OK, but it all depends on what you need exchange for really.  If you are mainly using it for text emails it will be fine, but if you email large attachments within your exchange organization you might want a faster link to speed interoffice email,,, but even if there is a DC/GC in site 3 three it wouldn't speed email authentication at all for site 3 users.  Of course the best solution would be to have an exchange server at each site.  In your setup the exchange server SHOULD authenticate to the DC/GC in site 2 since that is where exchange is.  You can check/change which DC your exchange server authenticates to (if you have SP2 on exchange) by rightclicking the exchange server in exchange system manager, then go to the directory access tab  and look at which server the "configuration domain controller" is.  This is the DC that exchange authenticates with.
0
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

jmacmickingCommented:
We've had 10+ people at sites with only 128k connections and didn't have problems.  We did find Outlook a little slow--we had them use Outlook Web Access (through Internet Explorer) instead and that worked fine.  Authentication was fine.  Worst case, 2000 and XP both support cached credentials by default so people can still access the PC and get on the internet if the main site was down.
0
hotdiggetydawgAuthor Commented:
Jmacmicking,

Was this using Exchange 2003? That is what were putting in place. I've heard that there can be real performance issues with this type of remote mail access with outlook clients.
0
jmacmickingCommented:
It was originally Exchange 2000, it's now 2003.  We haven't tried Outlook since we upgraded though.  Outlook seemed sluggish (but bareable) even with only one person accessing it, when multiple people opened it around the same time it was bad.  However, a lot of the emails we see sent around are more then just plain text.  The network path back to our Exchange server wasn't exactly direct either so the bandwidth wasn't the only limiting factor.  Once we had them switch to using OWA though everything smoothed out.
0
mikeleebrlaCommented:
your problem might have been with your outlook clients and not the server at all since OWA was so fast. Did you have all of the patches installed on the outlook clients?  There are tons of them that could affect performance.
0
hotdiggetydawgAuthor Commented:
So would this be the reccomended setup?
Site 1 = main HUB HQ/Datacentre
             250 users
             2 DC/Global Cat
             Exchange
             File & print
             Application servers

Site 2 = connected to site 1 via 768Kb Wan
             50 users
             1 DC/GLobal Cat
             Exchange
             File & print

Site 3 = connected to site 1 via 256Kb Wan
             10 users
             local DC/Global Cat server
             Nas File & print
             Users connect to Exchange 2003 at site 2 / or Local exchange 2003? (for just 10 users?)

Sounds overkill to me but MS likes us to distribute servers around i suppose.
0
jmacmickingCommented:
We've only got two Exchange clusters in the state and 50+ sites.  However, given that we're located in DE two per state means everyone is relatively close.  We're about 15 miles from the Exchange cluster where I'm at and I've never had a problem (400 users, 4Mb pipe though).  Another nearby site, with an 800kb pipe and about 100 users, hasn't had any problems either.  

Personally; your original suggestion should work fine.  The Exchange server at the second site may not even be necessary unless the distance is to your first site is long or the path is convoluted.  With 10 users on a 256kb connection (and, apparently, all the patches for Outlook installed) a local DC and Exchange server seems overkill.  The third site shouldn't have any problems with authentication; if Outlook seems slow try OWA.  It's got most of the features but none of the bloat.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.