Can a Windows Server 2008 domain controller service multiple Active Directory sites?

I have a AD forest that is 2008 forest functional level.  I'd like to create an AD site for each physical location in the organization that contains only those subnets for the site.  However, I only have domain controllers at a few of those sites.  I thought I had read an article somewhere that mentioned that there was a new feature in Server 2008 that allowed a single domain controller to service multiple AD sites.  This wasn't a reghack, but a published ability that I thought could be managed through the AD Sites and Services snap-in.  However, I'm can not find anything that would let me do this in the tool.

To avoid questions, I'll try to describe the environment:
* Multiple physical locations (let's say 10 for academic reasons)
* Only a few of those locations need domain controllers (let's say 3 for academic reasons)
* The customer wants an AD site for every physical site
* There's a central site in the company that everyone talks to directly.  That site has multiple DC's.
* 2 of the remote physical sites will have a single domain controller
* 7 of the sites will not have a domain controller
* The single hub site should be the authentication source for itself and the 7 sites that do not have domain controllers

I came upon a KB article (200498) that mentions doing this for Windows 2000 and 2003.  It's basically a reghack to add a SiteCoverage value to the following location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters.

Is this still the only way to allow a DC to service multiple sites or is there something new and cool in 2008 that lets us do this another way?  And, I don't remember what article I read that talked about this, so I may have just been smoking something one day and thought I read something that didn't exist.  ;)

Also, I know that we can assign subnets from multiple physical sites into the central hub site, but that's not what I'm asking.  I want a domain controller (or multiple domain controllers) in ADSiteA to also service ADSiteB that does not have a domain controller.

Thanks in advance for your help!
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

There is no reason W2K, W2K3 or even W2K8 wouldn't manage several sites as standard.
Its just the traffic that becomes an issue. And the new AD Stub Controller, allows remote AD servers to contain only their local credentials, so its its stolen, the whole org is not risked.

You will need at least 512K pipes for Group policy rollout, and enough to allow for authentication, apart from that, it will be the other services that make the customer spend the dollars, as it would be challenging to provide a remote fileserver and printserver while maintaining reasonable connection speeds for clients, or you'd better have a big pipe...
Brian PiercePhotographerCommented:
ideally you should have a DC at each site to prevent cross-site logon traffic - but its not essential. The default behaviour is for any client to attemempt to locate a DC in their own site for authentication, however, if no DC is found - or there is no response, then the client will seek another DC - This is the default behaviour - you need not do anything.
DustinHollenbackAuthor Commented:
debuggerau and KCTS,

I may not have been very clear with my question.  I understand the AD Site structure and when and where to place domain controllers based on bandwidth, latency, number of authenticated users, and all of the other variables.  And, based on the size of some of my locations, there is no way that I'll be placing a DC at those physical sites.

Is there a way in the new AD Sites and Services GUI to assign a single domain controller to service 2 or more defined AD sites?  I know that it is possible with a registry hack on the domain controller, but I wanted to see if this was more refined in Windows Server 2008.
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Is there a way in the new AD Sites and Services GUI to assign a single domain controller to service 2 or more defined AD sites?

- We started asserted that it is possible, in fact, this is the default..

Which has got me wondering, what hack are you referring too?

The whole idea of which DC to login too is a mute one, as it will authenticate to whatever DC it can see first, and failing that, move onto the next, until it finds a resource to validate itself against...
you can force the clients in a site that has no DC's, to look to specific site DC's by weighting the site links.

How Domain Controllers Are Located in Windows XP

How to optimize the location of a domain controller or global catalog that
resides outside of a client's site

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DustinHollenbackAuthor Commented:
Hi Matthijssen,

This page is exactly what I was looking for:  The KB article does not mention Server 2008, but I'll hope that it hasn't changed in the new OS.  

Thank you!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.