How do I set up remote sites?

I have three locations that are currently running two domains and a workgroup. I want to consolidate some of this by putting a 2007 Exchange Server in a Colocation and have all three sites access email via RPC over HTTP.

Then I want to set up VPNs to connect all three sites. My question is, if I put three "File" servers at all three sites, how can I set it up so that they all can authenticate with each other? I would like for all three sites to be able to log in, even if one server is down. I also would like for them to share data so that if one server dies the other two have that data...if possible.

aando Asked:
 
Mestha Commented:
It can be done.
You would need a domain controller in each site - that domain controller would need to be a global catalog, as those process the logins.

For the data, you could use a domain DFS system, with the replication options. DFS will use the closest source to the user, so you could have all the data in all three locations. Make a change in one location and it should be reflected on the other site shortly afterwards (bandwidth permitting).

The Exchange 2007 server will need a domain controller with it as well, unless you want the Exchange server to be very slow.

Simon.
0
 
aando Author Commented:
Simon,

Even though I don't want to store any data in the Colo, I still need a Domain Controller in the Colo with the Exchange Server? Can I make the DC in the Colo the "primary" DC so that if one of the other locations' internet does go down, this one shouldn't because of the redundancy of the Colo? If I have VPNs between the sites, do I have to use RPC over HTTP to get email to flow or can I pull email across the VPN without it? One other thing, I would be able to have all the domain controllers have the same domain name such as 123.local even though they will have different IP schemes, correct?

Any other suggestions or ideas I should think about with this scenario?
0
 
Mestha Commented:
Exchange is very hard on domain controllers. I wouldn't dream of putting an Exchange server in a location without a domain controller. If you try to run it over a WAN and lose that WAN, the Exchange server is dead in the water. Even if you have multiple WAN connections, Exchange can take 30 minutes before it looks for another domain controller, during which time it is dead in the water.

No such thing as primary or second domain controllers with AD. The only thing you could do with the DC in the data centre would be to make it hold all of the FSMO roles, with the other DCs holding just the GC role.

If you are setting up child domains then they can have different domains, although in most cases it would be sub.domain.local rather than something completely different. It makes it obvious to someone else that it is a child domain. If you are putting everything into a single domain then the domain name will be the same everywhere.
There are pros and cons to a single domain multiple AD site model, as well as the child domain model.

You can use a VPN or RPC over HTTPS/Outlook Anywhere. Little to be gained from either, other than the latter is not dependent on a VPN being available, it only requires a single port.

Simon.
0
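The layout Mestha describes (a global catalog domain controller in every site, one alongside the Exchange server, and the FSMO roles on the colocation DC) can be audited with a short script. This is an added example, not part of the original thread; the site and server names are hypothetical sample data, and the live-data line assumes the ActiveDirectory PowerShell module is available.

```powershell
# Constructed inventory, shaped like Get-ADDomainController output.
# All site and server names are hypothetical.
$sites        = 'Colo', 'SiteA', 'SiteB', 'SiteC'
$exchangeSite = 'Colo'   # assumption: the Exchange 2007 server lives here
$allRoles     = 'SchemaMaster', 'DomainNamingMaster', 'PDCEmulator',
                'RIDMaster', 'InfrastructureMaster'
$dcs = @(
    [pscustomobject]@{ Name = 'COLO-DC1'; Site = 'Colo';  IsGlobalCatalog = $true;  OperationMasterRoles = $allRoles }
    [pscustomobject]@{ Name = 'A-DC1';    Site = 'SiteA'; IsGlobalCatalog = $true;  OperationMasterRoles = @() }
    [pscustomobject]@{ Name = 'B-DC1';    Site = 'SiteB'; IsGlobalCatalog = $false; OperationMasterRoles = @() }
)   # SiteC deliberately has no DC

function Test-SiteDesign {
    param([string[]]$Sites, [object[]]$DomainControllers, [string]$ExchangeSite)
    foreach ($site in $Sites) {
        $siteDcs = @($DomainControllers | Where-Object { $_.Site -eq $site })
        $siteGcs = @($siteDcs | Where-Object { $_.IsGlobalCatalog })
        $issues  = @()
        if ($siteDcs.Count -eq 0) {
            $issues += 'no local DC: authentication depends on the VPN'
        } elseif ($siteGcs.Count -eq 0) {
            $issues += 'DC present but no global catalog'
        }
        if ($site -eq $ExchangeSite -and $siteGcs.Count -eq 0) {
            $issues += 'Exchange would depend on a GC across the WAN'
        }
        # One result row per site: who is there, how many GCs, which FSMO roles
        [pscustomobject]@{
            Site      = $site
            DCs       = $siteDcs.Name -join ', '
            GCs       = $siteGcs.Count
            FsmoRoles = @($siteDcs | ForEach-Object { $_.OperationMasterRoles }) -join ', '
            Issues    = $issues -join '; '
        }
    }
}

# Against a live domain (ActiveDirectory module), replace the sample with:
#   $dcs = Get-ADDomainController -Filter *
Test-SiteDesign -Sites $sites -DomainControllers $dcs -ExchangeSite $exchangeSite |
    Format-Table -AutoSize -Wrap
```

Pass the site list explicitly rather than deriving it from the DC objects, otherwise a site with no domain controller never appears in the report.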
 
aando Author Commented:
Great Information.
0
Question has a verified solution.
