Solved

Exchange 2010 and AD Design

Posted on 2011-03-02
Last Modified: 2012-05-11
Hello,

We are in the process of moving all the servers from our corporate office to another place, as we rented rack space. We have a single AD (Domain.com) and Exchange 2010. We have one corporate office and all the users in the office log in to AD. We are planning to have a site-to-site VPN for AD replication only. (All of the work we do is using SharePoint, and users get to it using the internet.)

My question is: what are my best options for AD and Exchange design? I was planning to create a SITE (corp.domain.com) at our corporate office (as I have a spare Dell tower server I can use) in a separate subnet, as we need to configure a site-to-site VPN, and all the users will use that SITE for authentication, DHCP, etc., instead of authenticating from the primary DC over the VPN, and use Outlook Anywhere for email.

Do you think this is a good idea? Do any of you have a better solution? If so, please advise.


Thank you,
Raj.
 
0
Question by:PHESupport
9 Comments
 
LVL 25

Expert Comment

by:Brian B
ID: 35021598
You may be making it more complicated than required. Why not have separate OUs in the same domain for the two groups? It would make things easier to administer.
0
 
LVL 44

Assisted Solution

by:Amit
Amit earned 500 total points
ID: 35021614
You can set up a new site for the new office. Assign the necessary subnets and install a new additional domain controller. This resolves the AD issue, and users will not be required to authenticate over the VPN.

For Exchange you can use OWA or Outlook Anywhere also.
0
 
LVL 49

Expert Comment

by:Akhater
ID: 35021630
Your idea is correct; however, you are mixing up one point: a site will still be domain.com. You will not have corp.domain.com unless your AD domain is already corp.domain.com.
0

 

Author Comment

by:PHESupport
ID: 35021675
Thank you all for the suggestions. My situation is that all the servers will move, including AD and Exchange, and I don't want my users to eat up all the bandwidth for authentication and email (Outlook traffic). So I was planning to create a site at the existing office so users can use that box to authenticate. I have a spare box I can use for that purpose, with secondary DNS pointing to the primary DC.

So when I create a site, it does not have to be site.domain.com?
0
 
LVL 49

Expert Comment

by:Akhater
ID: 35021713
No, a site is different from a subdomain; it is used exactly for the purpose you want.

In Active Directory Sites and Services you create 2 sites:

1. colocation, and assign to it the subnet object of your colocation
2. Corp, and assign to it the subnet of your office

Assign each DC to its corresponding site and AD will take care of the rest. All the users with IPs in the corp subnet will authenticate from the designated DC.
0
 

Author Comment

by:PHESupport
ID: 35021783
OK. So since I already have a DC for Domain.com, I create another DC and then go to Sites and Services, create two subnets, one for colocation and one for corp, and point DNS to each other, and that should do it, right?

What about Exchange? Do I need to create another Exchange server for CORP, or will the existing 2010 take care of all the users and mailboxes for both colocation and corp?

We do have two branch offices with about 10 users, and they use site-to-site VPN to colocation, right? Currently they are using site-to-site VPN to corp.
0
 
LVL 49

Accepted Solution

by:
Akhater earned 1000 total points
ID: 35021824
1. Create another DC.
2. Go to Sites and Services and create two subnet objects, one for colocation and one for corp.
3. In Sites and Services create 2 sites: colocation, and assign to it the corresponding subnet object, and corp, and assign to it the corresponding subnet object.

For Exchange, one server can take care of them all.
0
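The steps in the accepted answer, scripted as an added example that is not part of the original thread. It assumes the ActiveDirectory PowerShell module from Windows Server 2012 or later (the replication cmdlets are not in earlier releases, where the same objects are created in Active Directory Sites and Services) and that the second DC from step 1 is already promoted. The subnets, DC names and site link name are constructed placeholders.

```powershell
Import-Module ActiveDirectory

# Constructed placeholder values: replace with the real subnets and DC names.
$sites = @{
    'Colocation' = @{ Subnet = '10.10.0.0/24'; DC = 'DC01' }  # existing DC, moving to the rack
    'Corp'       = @{ Subnet = '10.20.0.0/24'; DC = 'DC02' }  # additional DC on the spare server
}

foreach ($name in $sites.Keys) {
    $subnet = $sites[$name].Subnet

    # Create the site only if it does not exist yet, so the script can be re-run.
    if (-not (Get-ADReplicationSite -Filter "Name -eq '$name'")) {
        New-ADReplicationSite -Name $name
    }

    # Create the subnet object and bind it to the site. Clients whose IP falls
    # in this subnet are directed to a DC in the same site for authentication.
    if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$subnet'")) {
        New-ADReplicationSubnet -Name $subnet -Site $name
    }

    # Place the DC's server object in its site.
    Move-ADDirectoryServer -Identity $sites[$name].DC -Site $name
}

# Inter-site replication across the site-to-site VPN needs a site link
# containing both sites (15 minutes is the minimum replication interval).
if (-not (Get-ADReplicationSiteLink -Filter "Name -eq 'Colocation-Corp'")) {
    New-ADReplicationSiteLink -Name 'Colocation-Corp' `
        -SitesIncluded 'Colocation', 'Corp' `
        -Cost 100 -ReplicationFrequencyInMinutes 15 `
        -InterSiteTransportProtocol IP
}

# Verification: every client subnet should map to a site, and each DC
# should report the site it was assigned to.
Get-ADReplicationSubnet -Filter * | Select-Object Name, Site
Get-ADDomainController -Filter * | Select-Object Name, Site, IPv4Address
```

On a workstation in the office, `nltest /dsgetsite` shows which site the client resolved to; a client in a subnet with no subnet object is not tied to the local DC and may authenticate across the VPN.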
 
LVL 25

Assisted Solution

by:Brian B
Brian B earned 500 total points
ID: 35029566
As long as it is one *domain*, Exchange won't care. Even if the second site is remote, as long as there is some sort of connection between the two (VPN, most likely), AD will treat all as one big domain.
0
 

Author Closing Comment

by:PHESupport
ID: 35151058
I am distributing the points as the help was fast, and assigned more points to Akhater as he answered more questions.

Thank you.
0
