Exchange 2010 and AD Design

Hello,

We are in the process of moving all the servers from our corporate office to another place, as we rented rack space. We have a single AD (Domain.com) and Exchange 2010. We have one corporate office, and all the users in the office log in to AD. We are planning to have a site-to-site VPN for AD replication only. (All of the work we do is using SharePoint, and users get to it over the internet.)

My question is: what are my best options for AD and Exchange design? I was planning to create a SITE (corp.domain.com) at our corporate office (as I have a spare Dell tower server I can use) in a separate subnet, as we need to configure a site-to-site VPN, and all the users will use that SITE for authentication, DHCP, etc., instead of authenticating from the primary DC over the VPN, and use Outlook Anywhere for email.

Do you think this is a good idea? Do any of you have a better solution? If so, please advise.


Thank you,
Raj.
 
Asked by: PHESupport
 
Akhater commented:
1. Create another DC.
2. Go to Sites and Services and create two subnet objects, one for colocation and one for corp.
3. In Sites and Services, create 2 sites: colocation, and assign to it the corresponding subnet object, and corp, and assign to it the corresponding subnet object.

For Exchange, one server can take care of them all.
 
Brian B (Independent Technology Professional) commented:
You may be making it more complicated than required. Why not have separate OUs in the same domain for the two groups? It would make things easier to administer.
 
Amit (IT Architect) commented:
You can set up a new site for the new office. Assign the necessary subnets and install a new additional domain controller. This resolves the AD issue, and authenticating over the VPN will not be required.

For Exchange you can use OWA or Outlook Anywhere also.
 
Akhater commented:
Your idea is correct; however, you are just mixing up one point. A site will still be domain.com. You will not have corp.domain.com unless your AD domain is already corp.domain.com.
 
PHESupport (author) commented:
Thank you all for the suggestions. My situation is that all the servers will move, including AD and Exchange, and I don't want my users to eat up all the bandwidth for authentication and email (Outlook traffic). So I was planning to create a site at the existing office so users can use that box to authenticate. I have a spare box I can use for that purpose, with secondary DNS pointing to the primary DC.

So when I create a site, it does not have to be site.domain.com?
 
Akhater commented:
No, a site is different from a subdomain. It is used exactly for the purpose you want.

In Active Directory Sites and Services you create 2 sites:

1. Colocation, and assign to it the subnet object of your colocation
2. Corp, and assign to it the subnet of your office

Assign each DC to its corresponding site and AD will take care of the rest. All the users with IPs in the corp subnet will authenticate from the designated DC.
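The site and subnet layout described in this thread can also be scripted. The following is an added example, not part of any participant's post; it assumes the ActiveDirectory PowerShell module from Windows Server 2012 or later, an already-promoted second DC, and constructed subnets and DC names (`10.10.0.0/24`, `10.20.0.0/24`, `DC-COLO01`, `DC-CORP01`).

```powershell
# Added example: two AD sites in one domain, each with its own subnet and DC.
# Subnets and DC names below are constructed placeholders; replace with your own.
Import-Module ActiveDirectory

$layout = @{
    'Colocation' = @{ Subnet = '10.10.0.0/24'; DC = 'DC-COLO01' }  # hypothetical
    'Corp'       = @{ Subnet = '10.20.0.0/24'; DC = 'DC-CORP01' }  # hypothetical
}

foreach ($site in $layout.Keys) {
    # Create the site only if it does not exist yet (safe to re-run).
    if (-not (Get-ADReplicationSite -Filter "Name -eq '$site'")) {
        New-ADReplicationSite -Name $site
    }

    # A subnet object maps client IP ranges to a site; this is what makes
    # clients in that range locate the DC in their own site.
    $subnet = $layout[$site].Subnet
    if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$subnet'")) {
        New-ADReplicationSubnet -Name $subnet -Site $site
    }

    # Move the DC object out of Default-First-Site-Name into its site.
    Move-ADDirectoryServer -Identity $layout[$site].DC -Site $site
}

# Replication between the sites crosses the VPN over a site link.
if (-not (Get-ADReplicationSiteLink -Filter "Name -eq 'Colocation-Corp'")) {
    New-ADReplicationSiteLink -Name 'Colocation-Corp' `
        -SitesIncluded 'Colocation', 'Corp' `
        -Cost 100 -ReplicationFrequencyInMinutes 15 `
        -InterSiteTransportProtocol IP
}

# Verify: every subnet maps to a site, and every DC sits in the intended site.
Get-ADReplicationSubnet -Filter * | Select-Object Name, Site
Get-ADDomainController -Filter * | Select-Object Name, Site, IPv4Address

# On a workstation in the corp subnet, confirm which site and DC it resolves to.
nltest /dsgetsite
nltest /dsgetdc:domain.com
```

A client whose IP matches no subnet object has no site of its own and may authenticate against a DC across the VPN, so check the subnet list whenever an office or VPN range is added.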
 
PHESupport (author) commented:
OK. So since I already have a DC for Domain.com, I create another DC and then go to Sites and Services, create two subnets, one for colocation and one for corp, and point DNS to each other, and that should do it, right?

What about Exchange? Do I need to create another Exchange server for CORP, or will the existing 2010 take care of all the users and mailboxes for both colocation and corp?

We do have two branch offices with about 10 users, and they use site-to-site VPN to colocation, right? Currently they are using site-to-site VPN to corp.
 
Brian B (Independent Technology Professional) commented:
As long as it is one *domain*, Exchange won't care. Even if the second site is remote, as long as there is some sort of connection between the two (VPN, most likely), AD will treat all as one big domain.
 
PHESupport (author) commented:
I am distributing the points as the help was fast, and assigned more points to Akhater as he answered more questions.

Thank you.