Planning Domain/Exchange for 3 offices (HO and 2 branches)

Sawyer used Ask the Experts™
i have 3 offices

already i have some implementation but i want the professional one
i have licenses for window 2003 and exchange 2003

i have 3 offices in 3 different cities / 10 user on each branch
these site connected use vpn and internet

now i want the right plan /implementation for my domain controller and exchange
should i use a secondary DC on branches or not
about exchange also should I use another exchange there?

also the exchange and DC must be in a separate machine or i can handle it on only one

thank you
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Lee W, MVPTechnology and Business Process Advisor
Most Valuable Expert 2013

It is NOT RECOMMENDED (not a best practice) to run Exchange on a domain controller.  HOWEVER, it IS Supported by Microsoft if you had to.  

What you do at the branches depends on the speed of the connection between the sites.

I would not run any additional Exchange 2003 servers, but I would put in AT LEAST one DC in one of the other offices so that you have redundancy for the active directory.  10 users could probably do without a DC at the site, but if you could swing it, I would put one server in each location.  I would probably also setup DFS for each site so that files are replicated between the locations providing a near-instant off-site backup and making the files available to all users everywhere.  

I'd setup a point-to-point VPN between all sites (just keep in mind, UPLOAD speed is generally just as important as download in point-to-point VPNs).

Exactly what else to do and how to do it and what concerns to have all depend on what your users are doing and what your business does and what apps you run.


ok thank you

for ad domain replications
whats the bw needed between offices
only 10 users in each branch?

if i have 1 MB vpn connection this will be fair??? or i need more
Lee W, MVPTechnology and Business Process Advisor
Most Valuable Expert 2013

For small networks, the bandwidth requirements are negligible.  You could do replication over dialup... for AD.  (Though I don't recall if some tweaking might be necessary for such slow links)... but with an 8 Mb VPN, you should be fine.

(MB = MegaBYTE)
(Mb = MegaBIT)
8 b = 1 B so if you didn't make a typo - you have an 8 Mbit link... And if you did make a typo, then even a 1 Mbit link is should be fine.  I THINK the default slow link threshold is 512 Kb
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!


ok thank you

actually i have 1 Mb bit

so now i will make the domain controller on the main office / the primary

about the branch which better; i make a secondary DC or a child domain?

can i have a case study of cases like this/// ??
many thanks

Technology and Business Process Advisor
Most Valuable Expert 2013
You don't want to make child domains - then you start having to deal with trusts.

There is no such thing as a primary DC in Active Directory - all DCs are DCs.  You have 5 FSMO roles that could live on UP TO 5 different servers (depending on the version of Windows you are using).

You would make the other site(s) servers DCs in your existing domain.  An RoDC could be done, but by making them standard DCs, you have a full replica of AD.  (If your environment demands high security then you may want RoDCs, but if not, then standard DCs would be the route I go.

As for case studies... I'm sure they exist... don't know of any though.

I can say that I have one client with 40+ users at the main office and 10 users at another office and this is how we have them setup (with a DFS to replicate data as well).  Their links are 2 Mbit.


ok thank you
that fair to me i will implement that and i will ask again for any doubts

and actually i was a system admin before 3 years but i forgot many things,,,, i will handle it now again

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial