Solved

How do I setup remote sites?

Posted on 2009-05-04
4
178 Views
Last Modified: 2012-05-06
I have three locations that are currently running two domains and a workgroup. I want to consolidate some of this by putting a 2007 Exchange Server in a Colocation and have all three sites access email via RPC over HTTP.

Then I want to setup VPN's to connect all three sites. My question is, if I put three "File" servers at all three sites, how can I set it up so that they all can authenticate with each other. I would like for all three sites to be able to login, even if one server is down. I also would like for them to share data so that if one server dies the other two have that data...if possible.

0
Comment
Question by:aando
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
ID: 24300242
It can be done.
You would need a domain controller in each site - that domain controller would need to be a global catalog, as those process the logins.

For the data, you could use a domain DFS system, with the replication options. DFS will use the closest source to the user, so you could have all the data in all three locations. Make a change in one location and it should be reflected on the other site shortly afterwards (bandwidth permitting).

The Exchange 2007 server will need a domain controller with it as well, unless you want the Exchange server to very slow.

Simon.
0
 

Author Comment

by:aando
ID: 24304201
Simon,

Even though I don't want to store any data in the Colo, I still need a Domain Controller in the Colo with the Exchange Server? Can I make the DC in the Colo the "primary" DC so that if one of the other locations internet does go down, this one shouldn't because of the redundancy of the Colo? If I have VPN's between the sites, do I have to use RPC over HTTP to get email to flow or can I pull email across the VPN without it? One other thing, I would be able to have all the domain controllers have the same domain name such as 123.local even though they will have different IP scheme's correct?

Any other suggestions or ideas I should think about with this scenario?
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 500 total points
ID: 24304287
Exchange is very hard on domain controllers. I wouldn't dream of putting an Exchange server in a location without a domain controller. If you try to run it over a WAN and lose that WAN, the Exchange server is dead in the water. Even if you have multiple WAN connections, Exchange can take 30 minutes before it looks for another domain controller, during which time it is dead in the water.

No such thing as primary or second domain controllers with AD. The only thing you could do with the DC in the data centre would be to make it hold all of the FSMO roles, with the other DCs holding just the GC role.

If you are setting up child domains then they can have different domains, although in most cases it would be sub.domain.local rather than something completely different. It makes it obvious to someone else that it is a child domain. If you are putting everything in to a single domain then the domain name will be the same everywhere.
There are pros and cons to a single domain multiple AD site model, as well as the child domain model.

You can use a VPN or RPC over HTTPS/Outlook Anywhere. Little to be gained from either, other than the latter is not dependant on a VPN being available, it only requires a single port.

Simon.
0
 

Author Closing Comment

by:aando
ID: 31577804
Great Information.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question