• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 309
  • Last Modified:

New DC or child domain

HI,

I am setting up a new remote office in Hong Kong, and would like it to be as secure as possible ( as it is China ) and not have all current AD information replicated to the Hong Kong office, so was wonder if a child domain would be the best solution?

Hong Kong office will be using the current Exchane 2010 server in the parent domain and some resorces in the parent domain.

So the main purpose would be security to prevent head office user accounts residing on a Hong Kong server.

Thanks,

Brett

0
gdaysh
Asked:
gdaysh
1 Solution
 
Krzysztof PytkoActive Directory EngineerCommented:
Hi, in my opionion the best solution to fulfill your requirements would be Read Only Domain Controller (RODC) for the existing domain. That' secure option which allows you to keep controll and have secure DC in Hong Kong

Please google about RODC step-by-step implementation because it's inconvenient to post links from mobile :/

Regards,
Krzysztof
0
 
kevinhsiehCommented:
I agree that RODC is a much better idea.
0
 
infoplateformCommented:
If You Have 15 to 20 Users and You want Secure way of replication then RODC is best


Install RODC in Server Core :

http://technet.microsoft.com/en-us/library/cc754629(v=ws.10).aspx#bkmk_installSrvFound


Hope it Helps


Regards,

Osama Mansoor
0
 
gdayshAuthor Commented:
Excellent - totally overlooked RODC - thanks :)
0
 
Krzysztof PytkoActive Directory EngineerCommented:
You're welcome :)

Krzysztof
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Tackle projects and never again get stuck behind a technical roadblock.
Join Now