Benefits and questions about single domain over sub domain

We are going to be going with AD pretty soon but I had a couple of questions about whether it would be best to use a single domain or use a sub-domain for another location. This location is over a 1Mbps connection (in Africa) so that would seem to lend itself to using a sub-domain, but when we did a test install using the same domain on both sides replication, etc. was fine.

My questions are:

what happens with the time in each location if they share the domain? Can you have both sites using different time zones?

Will things in Exchange like shared calendar and contacts work better in a single domain environment or is there no difference to Exchange in this respect?

Does AD get the clients to use the best/closest DC for the clients in the other location or is there a danger that they might come across the slow link to try and authenticate? Plus, if both domain controllers went down on the ship would they try to use that pipe or can you get them only to use the ones in there location?

Thanks.
LVL 1
willlandymoreAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Lee W, MVPTechnology and Business Process AdvisorCommented:
If you configure Sites and Services properly, then "local" DCs are favored for authentication.  As for time zone issues - there should be done.  Ever notice the (+800) or (-400), etc in selecting the time zone?  That should adjust the time relative to GMT and in that respect, the time for DCs (and workstations) should always match up.

There's little reason to have multiple domains and it's generally not recommended.  If you want others to have management rights, DELEGATE administrative tasks to them in an OU for that location.
0
Chris DentPowerShell DeveloperCommented:

If you can survive with one domain I'd stick with it, easier to manage and backup.

> what happens with the time in each location if they share the domain?
> Can you have both sites using different time zones?

Yes, absolutely.

AD uses UTC, your client systems will display UTC with the timezone offset.

> Will things in Exchange like shared calendar and contacts work better in
> a single domain environment or is there no difference to Exchange in this respect?

The boundary for Exchange is the Forest, so it won't make a lot of difference except to user-management.

> Does AD get the clients to use the best/closest DC for the clients

Yes, provided you have configured AD Sites and Services.

If no local DCs were available they would try over the link. However, this is something you can control by preventing DCs registering certain generic DNS service records.

See:

http://support.microsoft.com/kb/306602

And do note that Group Policy is the best way to set this.

Chris
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
willlandymoreAuthor Commented:
okay, thanks guys.

One other thing...

If we move to the one domain there will be some 'role based' e-mail addresses that used to use the sub-domain format like: manager@sub.domain.com. Can I still have these work in Exchange with the new domain?

I was thinking you could do something like go into Exchange and setup a recipient policy so that it can add an address to those users that has *@sub.domain.com so it will filter into the new account...something like that.
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

Chris DentPowerShell DeveloperCommented:

Yes, that's no problem at all. Exchange can handle many SMTP domains, it's just a case of adding sub as well.

If it's Exchange 2003 you're right in thinking you'll need a recipient policy.

Chris
0
willlandymoreAuthor Commented:
it's Exchange 2010. :)
0
Chris DentPowerShell DeveloperCommented:

Then it's an Accepted Domain you need, the Email Address Policy is entirely optional but is about the best way to apply the other email address :)

Chris
0
willlandymoreAuthor Commented:
thanks for all the help.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.