Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

AD design check

Posted on 2004-11-30
9
Medium Priority
?
149 Views
Last Modified: 2010-04-14
Hi I just need someone to check this example design.

5 sites in total on a single AD v2 Tree/domain all using Win2k3 servers and 2000/xp clients.

Site 1 = main HUB HQ/Datacentre
             250 users
             2 DC/Global Cat
             Exchange
             File & print
             Application servers

Site 2 = connected to site 1 via 768Kb Wan
             50 users
             1 DC/GLobal Cat
             Exchange
             File & print

Site 3 = connected to site 1 via 256Kb Wan
             10 users
             no local DC/Global Cat server - users authenticate to site 2's DC
             Nas File & print
             Users connect to Exchange at site 2



My concerns are with Site 3 really. Will this design hold up, will the site 3 users hammer the 256k line when accessing the global cat server on site 2? What would you recommend in this situation?

0
Comment
Question by:hotdiggetydawg
  • 3
  • 3
  • 3
9 Comments
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12705650
Most people always have at least one DC with a copy of the GC at each site,,, that way if your WAN link goes down your users can still authenticate.  It all depends on how important uptime is in your business.  You have to weigh the cost/benifit of an additional DC at site 3 for only 10 users.
0
 

Author Comment

by:hotdiggetydawg
ID: 12705784
if it was decided that there was to be no DC/GC at site 3 would the 256 wan link be sufficient for access to the DC/GC (site 2) by the 10 site 3 outlook users?
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12705868
i think the 256 link would be OK, but it all depends on what you need exchange for really.  If you are mainly using it for text emails it will be fine, but if you email large attachments within your exchange organization you might want a faster link to speed interoffice email,,, but even if there is a DC/GC in site 3 three it wouldn't speed email authentication at all for site 3 users.  Of course the best solution would be to have an exchange server at each site.  In your setup the exchange server SHOULD authenticate to the DC/GC in site 2 since that is where exchange is.  You can check/change which DC your exchange server authenticates to (if you have SP2 on exchange) by rightclicking the exchange server in exchange system manager, then go to the directory access tab  and look at which server the "configuration domain controller" is.  This is the DC that exchange authenticates with.
0
[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

 
LVL 5

Expert Comment

by:jmacmicking
ID: 12706553
We've had 10+ people at sites with only 128k connections and didn't have problems.  We did find Outlook a little slow--we had them use Outlook Web Access (through Internet Explorer) instead and that worked fine.  Authentication was fine.  Worst case, 2000 and XP both support cached credentials by default so people can still access the PC and get on the internet if the main site was down.
0
 

Author Comment

by:hotdiggetydawg
ID: 12706865
Jmacmicking,

Was this using Exchange 2003? That is what were putting in place. I've heard that there can be real performance issues with this type of remote mail access with outlook clients.
0
 
LVL 5

Expert Comment

by:jmacmicking
ID: 12707041
It was originally Exchange 2000, it's now 2003.  We haven't tried Outlook since we upgraded though.  Outlook seemed sluggish (but bareable) even with only one person accessing it, when multiple people opened it around the same time it was bad.  However, a lot of the emails we see sent around are more then just plain text.  The network path back to our Exchange server wasn't exactly direct either so the bandwidth wasn't the only limiting factor.  Once we had them switch to using OWA though everything smoothed out.
0
 
LVL 25

Assisted Solution

by:mikeleebrla
mikeleebrla earned 600 total points
ID: 12707068
your problem might have been with your outlook clients and not the server at all since OWA was so fast. Did you have all of the patches installed on the outlook clients?  There are tons of them that could affect performance.
0
 

Author Comment

by:hotdiggetydawg
ID: 12707184
So would this be the reccomended setup?
Site 1 = main HUB HQ/Datacentre
             250 users
             2 DC/Global Cat
             Exchange
             File & print
             Application servers

Site 2 = connected to site 1 via 768Kb Wan
             50 users
             1 DC/GLobal Cat
             Exchange
             File & print

Site 3 = connected to site 1 via 256Kb Wan
             10 users
             local DC/Global Cat server
             Nas File & print
             Users connect to Exchange 2003 at site 2 / or Local exchange 2003? (for just 10 users?)

Sounds overkill to me but MS likes us to distribute servers around i suppose.
0
 
LVL 5

Accepted Solution

by:
jmacmicking earned 600 total points
ID: 12707385
We've only got two Exchange clusters in the state and 50+ sites.  However, given that we're located in DE two per state means everyone is relatively close.  We're about 15 miles from the Exchange cluster where I'm at and I've never had a problem (400 users, 4Mb pipe though).  Another nearby site, with an 800kb pipe and about 100 users, hasn't had any problems either.  

Personally; your original suggestion should work fine.  The Exchange server at the second site may not even be necessary unless the distance is to your first site is long or the path is convoluted.  With 10 users on a 256kb connection (and, apparently, all the patches for Outlook installed) a local DC and Exchange server seems overkill.  The third site shouldn't have any problems with authentication; if Outlook seems slow try OWA.  It's got most of the features but none of the bloat.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Currently, there is an issue with being able to copy values from an external application to a dropdown list in Project Web Access (PWA).  The standard copy and paste methods don't seem to work properly. Here is a way to accomplish this task to s…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
Loops Section Overview
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question