mmm5

AD in New 2003

Just installed Windows 2003 server (will place in test environment before deployment). Looking for documentation, links, on step by step instructions to set up typical Active Directory environment on brand new LAN network. Additionally, would like suggestions or recommendations, tips, caveats, etc., regarding AD with the following general network environment: Network is single domain (only one server). Network includes 100 users, 80 local (LAN), 20 via 7 branch offices (WAN) connected site-to-site VPN (behind firewall and NAT, and all on different subnet). All users required to log in to main server (DC), for scripts and DNS. Organization has 5-6 different departments. Branch offices (subnetted) will use local device (firewall) for DHCP or manual IP config. All offices access internet via ISP using one IP behind NAT. THANKS.
SOLUTION
Fatal_Exception
ASKER CERTIFIED SOLUTION
mmm5

ASKER

Samccarthy: No domain name yet, and there will be no web (internet server) presence. I'm thinking of a non-standard domain name such as companyname.north. Will this have any ramifications? Also, all workstations are running XP Pro. Is WINS really needed, or can I stay with TCP/IP only? Just curious, at remote sites, is all traffic, internal and internet, going through your main firewall at main office, or is internet access routed through local firewalls? Also, do you have a back-up strategy in place? In other words, do user data files reside on network server or local workstation, or both? THANKS.

No, the domain name will work just fine.  You will need WINS if you have any legacy applications or older systems that require it.  If you don't have the applications, go without it.  You can easily add it later if you do.

With the DNS the first setting in the remote firewall, all DNS requests go to the main DNS server for resolution.  That makes the network traffic fly, but their regular Internet activity will go out their local ISP connection.  Of course network traffic will go over the tunnel.

I use folder redirection for my users, so all their files are on a server.  For remote sites, and I have a few, with a DC onsite, the files reside there.  For those that just connect like yours are, the files reside at the remote server.  With Redirection, it keeps a local copy of the files, so should the link go down, my users can still get to the Internet and still work on their files and they will synchronize when the link is restored.  Works pretty darn good!

ASKER

Appreciate both answers. Thanks again!
Very good, and thank you!

FE