Two domains vs. one = multi-site company
Posted on 2014-01-13
Experienced in basic AD but not too much multi-site work...
Have a client who just purchased a small company in another state. Client has typical small office AD setup already (less than 30 PCs). New site only has about 8 machines and no existing server.
Client desires to operate "as one" with equal access to all network resources.
My plan was just to add a new DC to the domain for the new location (with a different subnet) across a VPN (both locations have good internet connections), utilizing GPOs to optimize profile redirection, etc. Intended to replicate most shares between locations.
An experienced engineer in our company insists that we risk a great deal by sticking with the single domain vs. establishing multiple domains within the forest and using trust relationships. He feels that losing connection between the sites can cause significant issues for the domain.
My research seems to show this line of thinking is out of date for most situations in a company this size without serious security restrictions - assuming the new site is setup properly with Global Catalogs, solid GPOs, etc.