Multi domain VS single domain infrastructure
Hi All,
I work for a company with offices in 7 countries worldwide. We will have to put a server in each office and of course connect them in a full mesh network.
We will have about 10 servers which users will have to connect with RDP (Terminal servers) and work on them. They have to be able to authinticate with no problems, hopefuly using their windows login credentials - hope all this makes sense.
Now the question :
Woudl you recommend having 1 global domain and then have DC's in each office which replicate with all the other ones ?
Or maybe have 1 central DC with the main domain and then have sub-domains in each branch office and set up trusts between them ?
Please give your view as this is a bit new to me. I understand the rules of AD and the way tit works so don't worry to use technical terms. Any input will be really appreciated.
Thank you.
I work for a company with offices in 7 countries worldwide. We will have to put a server in each office and of course connect them in a full mesh network.
We will have about 10 servers which users will have to connect with RDP (Terminal servers) and work on them. They have to be able to authinticate with no problems, hopefuly using their windows login credentials - hope all this makes sense.
Now the question :
Woudl you recommend having 1 global domain and then have DC's in each office which replicate with all the other ones ?
Or maybe have 1 central DC with the main domain and then have sub-domains in each branch office and set up trusts between them ?
Please give your view as this is a bit new to me. I understand the rules of AD and the way tit works so don't worry to use technical terms. Any input will be really appreciated.
Thank you.
ASKER
Cool, thanks for the comment.
Few question though :
1) with all the DC's replicating over the internet (as our branch offices are all over the world) won't it slow down the connections ? I have no idea how big is the traffic when DC's are replicating with one-another ?
2) Have anyone got experience with making their DC a file server as well ? I know DC's are under quite heavy load without giving them more tasks to do but again haven't got much experience in that field. The theory says it shouldn't matter but in real life it could be totally different :)
Thanks
Few question though :
1) with all the DC's replicating over the internet (as our branch offices are all over the world) won't it slow down the connections ? I have no idea how big is the traffic when DC's are replicating with one-another ?
2) Have anyone got experience with making their DC a file server as well ? I know DC's are under quite heavy load without giving them more tasks to do but again haven't got much experience in that field. The theory says it shouldn't matter but in real life it could be totally different :)
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Wicked, that's pretty much all I need to know :)
Thanks for the input.
Thanks for the input.
I would not recommend installing DCs which are made members of separate child domains. This only adds unnecessary complexity, confusion and makes you more susceptible to major issues if one of the DCs goes down.
Instead, I would suggest you create one Active Directory domain, and make all the DCs additional DCs in that domain. This way, everything replicates with every DC. Next, ensure every DC is a Global Catalog server, and that you properly configure sites and services in Active Directory. Install DNS on each DC, and you should then be good to go.
Deploying child domains is only really useful when you have lots and lots of users (as in thousands of users), or the business opens up a subsidiary which is mainly separate from the main company. Child domains for different offices isn't required and Active Directory is specifically designed such that you don't need to do this.
-Matt