Advice on adding a branch office with some 15 users to the Domain in Head Office

Hi,

I got a Branch Office with some 15 users coming up and I want to add the same to part of the domain in Head Office. Right now head office is having:

2 - Windows 2003 SP2 AD servers

1- Exchange 2003 SP2 Server

For remote office mail, I am planning to use RPC over HTTPS for laptop users and a normal MAPI connection for desktop users. What I want to know is, what's the best way to configure AD and DNS for the remote office?

Thanks

Qman 2007
qman2007 Asked:
 
tgtran Commented:
The answer depends on the bandwidth between the head office and the new remote office.  If you have a full P2P T1 connection, you can probably get away with not having to install a new DC at the remote office.  However, if this remote office is also pulling files from the head office - the T1 bandwidth will probably be clogged up with Exchange, AD authentication, email, internet...

The best option is to install a DC at the remote office.  Set it up on another subnet and configure AD Sites and Services.  This would allow users to be productive even if the WAN connection to the head office is clogged up or disrupted.

Here is the quick overview:
1.  Establish WAN link with adequate bandwidth for now and a year or two from now (build in some growth)
2.  Decide on the subnet for the remote office - Say, if the head office's subnet is 10.10.10.x/24, you may want to consider 10.10.20.x/24.
3.  Install DC for the remote office at the head office - once done, change the IP address to match with the new subnet and relocate it to the remote office.
4.  DNS - if you are not using AD-integrated zones, you should.  DNS is installed automatically on the new DC if AD-integrated zones are present.  What you need is to add PTR zone (reverse lookup zone) for the new subnet.
5.  Configure AD Sites and Services by adding the subnet and make one of the existing DCs the bridgehead server for the head office.  This bridgehead server will replicate with the new DC and then update its neighbor (the other DC).
6.  Check connectivity - make sure users can log in, email flows, and AD replicates.

 
JimboEfx Commented:
Hello qman2007,

Briefly you will need:

VPN between sites.
Local DC with DNS installed as part of HQ domain. Have it point primarily to HQ for DNS and secondary to itself.
Local DHCP using local DNS as primary entry and HQ DNS server as secondary.
A new AD site for the branch office subnet so they authenticate locally first if possible, e.g. http://www.windowsitpro.com/Article/ArticleID/13380/13380.html

If you have any questions feel free to ask.

Regards,

JimboEfx
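
The subnet-to-site matching and reverse-zone naming behind steps 2, 4 and 5 of tgtran's overview and the AD site item above, as an added example that is not part of either answer. The two /24 subnets are the ones used in the thread; the site names, the domain `corp.example` and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data: the /24s are the thread's example addressing;
# the site names and DOMAIN are assumptions, not values from the thread.
SUBNET_TO_SITE = {"10.10.10.0/24": "HeadOffice", "10.10.20.0/24": "BranchOffice"}
DOMAIN = "corp.example"  # placeholder AD DNS domain


def site_for_client(ip, subnet_to_site=SUBNET_TO_SITE):
    """Site of the most specific subnet object containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    matches = []
    for subnet, site in subnet_to_site.items():
        net = ipaddress.ip_network(subnet)
        if addr in net:
            matches.append((net.prefixlen, site))
    # Longest prefix wins, as with subnet objects in AD Sites and Services.
    return max(matches)[1] if matches else None


def reverse_zone(subnet):
    """Reverse lookup (PTR) zone name for an octet-aligned IPv4 subnet."""
    net = ipaddress.ip_network(subnet)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only /8, /16 and /24 map to one in-addr.arpa zone")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def site_srv_name(site, domain=DOMAIN):
    """SRV name a client queries to find domain controllers in its own site."""
    return f"_ldap._tcp.{site}._sites.dc._msdcs.{domain}"


def audit(clients):
    """Map each client IP to (site, SRV name); flag IPs with no subnet object."""
    report = {}
    for ip in clients:
        site = site_for_client(ip)
        # Without a matching subnet the client has no site, so it may
        # authenticate against a DC on the far side of the WAN link.
        srv = site_srv_name(site) if site else "NO SUBNET OBJECT: any DC may answer"
        report[ip] = (site, srv)
    return report


if __name__ == "__main__":
    for ip, row in audit(["10.10.10.25", "10.10.20.40", "10.10.30.7"]).items():
        print(ip, *row)
    print(reverse_zone("10.10.20.0/24"))
```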
 
Erik Bjers, Principal Systems Administrator, Commented:
 
qman2007 (Author) Commented:
Hi,

My project is not yet over. So I am keeping this question open to get more suggestions, or if I have a question in between the project I want to post it here.

Thanks

Qman
 
qman2007 (Author) Commented:
Hi,

What should be the DNS settings for the branch office DC as well as clients?

Further, how can I check the replication between branch office and head office DCs?

Regards

Qman
 
Erik Bjers, Principal Systems Administrator, Commented:
The computers at the branch office should look to their local server for DNS.

You can check replication by using replmon (part of the Server 2003 support tools) http://www.microsoft.com/downloads/details.aspx?familyid=6EC50B78-8BE1-4E81-B3BE-4E7AC4F0912D&displaylang=en

eb
 
qman2007 (Author) Commented:
Hi,

As you all gave me some suggestions, I am splitting the points for all three.

Thanks

Qman