[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1465
  • Last Modified:

Need for Domain Controller / DNS Server Branch Office

Need for Domain Controller / DNS Server Branch Office

I need help in putting together a justification for having a Domain Controller and a DNS server in our office. We are a state agency and with about 300 users. Our main office will be moving and merging with another office, we will have 100 users in this site and we will have 10 servers 3 of which are we servers (we currently have 60 users). The 5 regional offices connect back to use to access proprietary SQL applications. Currently we are part of a Win 2003 AD domain, we are in a building with other state agencies and we do not have a Domain Controller or DNS server, it is housed in another agency. We will be moving to a stand alone building connected back to the main site with a T1 line. I feel we should have our own Domain Controller and DNS server. Am I right? I’m thinking it would cut down on traffic if logon authentication and DNS name resolution happened in house rather than going over the T1 back to the main office. Also if the T1 goes down then we would not be able to login at all and could not print or access networked apps or files.
0
TimSharpe02118
Asked:
TimSharpe02118
2 Solutions
 
TheCleanerCommented:
You definitely should have one, even if it becomes as necessary as building a workstation as a DC with DNS.

If the T1 is down without one the user may still be able to login locally using cached information, but no network access would be available to the local servers unless you had local user accounts on the server for each user to access it with.

Further DNS would be offline, so you would have to resolve any local servers via IP address or cached DNS information.


Having a DC at each site also cuts down on WAN traffic, because authentication is done locally at the site, and will speed up login times and authentication requests to servers/Exchange, etc. because the Kerberos tickets will be localized.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
You don't have to reinvent the wheel here... Microsoft has recently put together a number of valuable resources to help you determine the best solution for your situation.  While adding your own DC and DNS server can be helpful... it's possible that using other technologies such as Distributed File System can offer you better performance as well.  

Take a look at what they have put together:  http://www.microsoft.com/windowsserversystem/solutions/branch/default.mspx

And a good third-party analysis of their Branch Office Solutions:  http://www.windowsnetworking.com/articles_tutorials/Review-Microsofts-Branch-Office-Infrastructure-Solution-BIOS.html

Jeff
TechSoEasy
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now