Solved

How do I setup remote sites?

Posted on 2009-05-04
4
176 Views
Last Modified: 2012-05-06
I have three locations that are currently running two domains and a workgroup. I want to consolidate some of this by putting a 2007 Exchange Server in a Colocation and have all three sites access email via RPC over HTTP.

Then I want to setup VPN's to connect all three sites. My question is, if I put three "File" servers at all three sites, how can I set it up so that they all can authenticate with each other. I would like for all three sites to be able to login, even if one server is down. I also would like for them to share data so that if one server dies the other two have that data...if possible.

0
Comment
Question by:aando
  • 2
  • 2
4 Comments
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
ID: 24300242
It can be done.
You would need a domain controller in each site - that domain controller would need to be a global catalog, as those process the logins.

For the data, you could use a domain DFS system, with the replication options. DFS will use the closest source to the user, so you could have all the data in all three locations. Make a change in one location and it should be reflected on the other site shortly afterwards (bandwidth permitting).

The Exchange 2007 server will need a domain controller with it as well, unless you want the Exchange server to very slow.

Simon.
0
 

Author Comment

by:aando
ID: 24304201
Simon,

Even though I don't want to store any data in the Colo, I still need a Domain Controller in the Colo with the Exchange Server? Can I make the DC in the Colo the "primary" DC so that if one of the other locations internet does go down, this one shouldn't because of the redundancy of the Colo? If I have VPN's between the sites, do I have to use RPC over HTTP to get email to flow or can I pull email across the VPN without it? One other thing, I would be able to have all the domain controllers have the same domain name such as 123.local even though they will have different IP scheme's correct?

Any other suggestions or ideas I should think about with this scenario?
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 500 total points
ID: 24304287
Exchange is very hard on domain controllers. I wouldn't dream of putting an Exchange server in a location without a domain controller. If you try to run it over a WAN and lose that WAN, the Exchange server is dead in the water. Even if you have multiple WAN connections, Exchange can take 30 minutes before it looks for another domain controller, during which time it is dead in the water.

No such thing as primary or second domain controllers with AD. The only thing you could do with the DC in the data centre would be to make it hold all of the FSMO roles, with the other DCs holding just the GC role.

If you are setting up child domains then they can have different domains, although in most cases it would be sub.domain.local rather than something completely different. It makes it obvious to someone else that it is a child domain. If you are putting everything in to a single domain then the domain name will be the same everywhere.
There are pros and cons to a single domain multiple AD site model, as well as the child domain model.

You can use a VPN or RPC over HTTPS/Outlook Anywhere. Little to be gained from either, other than the latter is not dependant on a VPN being available, it only requires a single port.

Simon.
0
 

Author Closing Comment

by:aando
ID: 31577804
Great Information.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question