AD Design for SME with Oversea Branch

Dear expert,

Our company is a SME with global presence. The HQ is in Singapore, with branch in Taiwan, China, Malaysia, Europe and US. However, the distribution of staffs in these place is uneven. Singapore, Taiwan and China account for 90% of the total headcount, whereas Malaysia, Europe and US only account for about 10%.

For security purpose, our company intended to implement AD. Since I am quite new to AD, I am currently stuck on a few questions waiting for your clarification:
My current design is creating one forest and many domain controller, with each domain controller corresponds to one branch. however, some branch such like the ones in malaysia and europe have only a few staffs. So should I still create one dedicated domain controller for such branch?
We intend to set up AD server only in Singapore but not other place, will this design cause latency to oversea users? In what situation should I set up AD server in other branches as well? Which approach is recommendable to our company?
Is VPN necessary for oversea staffs to use AD service(e.g. authentication) and exchange service in HQ?
Thank you in advance.
Who is Participating?
Iradat SiddiquiConnect With a Mentor Commented:
You need to have site to site VPN across locations and needs to have Additional domain controller at each site.........even you can use Desktops (Not high end servers) to install ADC in the branches with low staff or users.........
Seth SimmonsSr. Systems AdministratorCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.