• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 573
  • Last Modified:

Benefits and questions about single domain over sub domain

We are going to be going with AD pretty soon but I had a couple of questions about whether it would be best to use a single domain or use a sub-domain for another location. This location is over a 1Mbps connection (in Africa) so that would seem to lend itself to using a sub-domain, but when we did a test install using the same domain on both sides replication, etc. was fine.

My questions are:

what happens with the time in each location if they share the domain? Can you have both sites using different time zones?

Will things in Exchange like shared calendar and contacts work better in a single domain environment or is there no difference to Exchange in this respect?

Does AD get the clients to use the best/closest DC for the clients in the other location or is there a danger that they might come across the slow link to try and authenticate? Plus, if both domain controllers went down on the ship would they try to use that pipe or can you get them only to use the ones in there location?

Thanks.
0
willlandymore
Asked:
willlandymore
  • 3
  • 3
2 Solutions
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
If you configure Sites and Services properly, then "local" DCs are favored for authentication.  As for time zone issues - there should be done.  Ever notice the (+800) or (-400), etc in selecting the time zone?  That should adjust the time relative to GMT and in that respect, the time for DCs (and workstations) should always match up.

There's little reason to have multiple domains and it's generally not recommended.  If you want others to have management rights, DELEGATE administrative tasks to them in an OU for that location.
0
 
Chris DentPowerShell DeveloperCommented:

If you can survive with one domain I'd stick with it, easier to manage and backup.

> what happens with the time in each location if they share the domain?
> Can you have both sites using different time zones?

Yes, absolutely.

AD uses UTC, your client systems will display UTC with the timezone offset.

> Will things in Exchange like shared calendar and contacts work better in
> a single domain environment or is there no difference to Exchange in this respect?

The boundary for Exchange is the Forest, so it won't make a lot of difference except to user-management.

> Does AD get the clients to use the best/closest DC for the clients

Yes, provided you have configured AD Sites and Services.

If no local DCs were available they would try over the link. However, this is something you can control by preventing DCs registering certain generic DNS service records.

See:

http://support.microsoft.com/kb/306602

And do note that Group Policy is the best way to set this.

Chris
0
 
willlandymoreAuthor Commented:
okay, thanks guys.

One other thing...

If we move to the one domain there will be some 'role based' e-mail addresses that used to use the sub-domain format like: manager@sub.domain.com. Can I still have these work in Exchange with the new domain?

I was thinking you could do something like go into Exchange and setup a recipient policy so that it can add an address to those users that has *@sub.domain.com so it will filter into the new account...something like that.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Chris DentPowerShell DeveloperCommented:

Yes, that's no problem at all. Exchange can handle many SMTP domains, it's just a case of adding sub as well.

If it's Exchange 2003 you're right in thinking you'll need a recipient policy.

Chris
0
 
willlandymoreAuthor Commented:
it's Exchange 2010. :)
0
 
Chris DentPowerShell DeveloperCommented:

Then it's an Accepted Domain you need, the Email Address Policy is entirely optional but is about the best way to apply the other email address :)

Chris
0
 
willlandymoreAuthor Commented:
thanks for all the help.
0

Featured Post

Learn to develop an Android App

Want to increase your earning potential in 2018? Pad your resume with app building experience. Learn how with this hands-on course.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now