NickGT20
asked on
AD design advise
Hi,
I'm trying to design a network. Here is my plan, tell me what you think.
Site A
Forest Root, Domain Controller, Exhcange, SAN.
Site B
Connected to Site A via VPN over T1. Joined to the domain in Site A and grouped as a Site in Sites and Services.
It would have it's own DC.
Site C
Currently only connected via the internet, RDP. Will eventually have a site to site VPN to Site A.
May or may not have it's own DC. Joined to the same domain in Site A and segmented into a site via Sites and Services.
This way I can schedule replication for off peak hours between the DCs and still administer everything from one location. Our main goal is something that can grow quickly with us. Right now there is only one Admin at site A. In a year from now we foresee the need for another admin at Site B. Would this design allow to quickly move to seperate domains or child domains under the same forest?
Thanks
I'm trying to design a network. Here is my plan, tell me what you think.
Site A
Forest Root, Domain Controller, Exhcange, SAN.
Site B
Connected to Site A via VPN over T1. Joined to the domain in Site A and grouped as a Site in Sites and Services.
It would have it's own DC.
Site C
Currently only connected via the internet, RDP. Will eventually have a site to site VPN to Site A.
May or may not have it's own DC. Joined to the same domain in Site A and segmented into a site via Sites and Services.
This way I can schedule replication for off peak hours between the DCs and still administer everything from one location. Our main goal is something that can grow quickly with us. Right now there is only one Admin at site A. In a year from now we foresee the need for another admin at Site B. Would this design allow to quickly move to seperate domains or child domains under the same forest?
Thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
unless you have a specific need for child domains then the above design is fine....make sure that you configure a site within AD for each site that you have and that you have a minimum of 1 DC and 1 DNS server per site as well as a GC
ASKER
Well, what I have is a DC with DNS and GC at site B and Site A.
Is it mandatory that site C have a DC? I thought it can still authenticate through the VPN to either Site B or Site A?
I hear conflicting reports as to whether I should just do Sites or child domains. As I am the only admin right now I want it to be easy for me to administer users and email. We only have one Exchange server right now. Site B has an exchange server that isn't in use right now, but will most likely get used once I get to configure it. If I can set up child domains and still have users replicated between the domains that would be good, and they still all need to use the single exchange server for now. And I want all the mail to look like it's coming from mydomain.com not sales.mydomain.com.
Thanks
Is it mandatory that site C have a DC? I thought it can still authenticate through the VPN to either Site B or Site A?
I hear conflicting reports as to whether I should just do Sites or child domains. As I am the only admin right now I want it to be easy for me to administer users and email. We only have one Exchange server right now. Site B has an exchange server that isn't in use right now, but will most likely get used once I get to configure it. If I can set up child domains and still have users replicated between the domains that would be good, and they still all need to use the single exchange server for now. And I want all the mail to look like it's coming from mydomain.com not sales.mydomain.com.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks guys.
not a problem
Regards,