Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 138
  • Last Modified:

linking multiple sites - all using Active directory

I have just started supporting an organisation that is split over 5 sites. All the sites link back to a 6th central location for internet access via 10mb links.

Some of the sites already have DCs. We are considering implementing Googls Apps across the organisation too.

Users may spend 6 months at one location and then move to another.

Currently the sites are set up as 6 independent entities.

We would like to make it easier for users to move between sites by allowing them to use the same login details at the five sites.

What is the best way to proceed, Can I link the sites together somehow or do I need to implement a master DC at the 6th central site.

Also what about file storage. Currently files are stored on the DC at the respective sites. Do i need to create storage at the 6th or is there a better way.

Any advice would be appreciated.

0
roy_batty
Asked:
roy_batty
  • 3
  • 3
1 Solution
 
WayneATaylorCommented:
Depending on the sizes of the sites I would normally configure a single domain acros all the sites, and have DC's confgured as "global catalogs" at each site.  The last part is needed as that allows the GC server to actually service AD requests rather than just having the AD data.

The important thing also is that DNS is configured correct so that all DCs can see each other for correct AD replication.

If this is all configured correct, asll users AD data will be automaticlaly replicated across all DC servers and then allow a single login from any site.

Wayne
0
 
roy_battyAuthor Commented:
Would I need a central DC at the 6th site for this to work?
0
 
WayneATaylorCommented:
No necessary, if that is a small site you could just point the clients at the 6th site to the other serevrs by DNS, so make their DNS point to one of the other remote servers.  Although of course if the link is down, they won't be able to authentictate!

Wayne


0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
roy_battyAuthor Commented:
When you say

"The important thing also is that DNS is configured correct so that all DCs can see each other for correct AD replication."

Can you give me some more detail about this.
0
 
WayneATaylorCommented:
Yes it's bsically that all servers must be able to talk to a DNS server that will register their address.  What I would do is have the primary DNS server set the same for all of the servers, i.e. one of the sites and the second address one of the other sites.  That way, all of the serves will be able to talk to address to any other server.

That is needed for the AD replication as in effect every DC server will need to talk to each other DC server.

Wayne




0
 
roy_battyAuthor Commented:
Do you have a link to any guides of how to do this is more detail?
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now