Solved

Windows Network Configuration

Posted on 2014-01-28
Last Modified: 2014-08-25
Hi,

I have 6 x sites located all around the land down under.  All 6 sites are linked via a meshed VPN network and can see each other.

Now, in Head Office I have 2 x AD Servers (1 backup) on the one domain. All others have their own servers on their own domains.

Example :

Head Office - 2008R2 Domain - office1.local    (30 users)
Branch Office 1 - 2008R2 Domain - office2.local    (10 users)
Branch Office 2 - 2008R2 Domain - office3.local    (10 users)
etc etc

Each server in each branch holds a lot of file storage and staff want access to this quickly so servers must reside in each branch locally.

As I am about to replace all the hardware in all the branches (Servers and Desktops) I have the ability to change things, hopefully to make it better.

Question.

What is the best scenario in terms of Domain setup?
Should I keep them all separate domains?
Should I make the branch servers Read Only?
Should I put all the PCs on the Head Office domain and have them replicate from there?

What's the best practice for such a Domain Network?

Looking forward to your kind assistance.
0
Question by:tmaster100
 
LVL 12

Accepted Solution

by:
mlongoh earned 500 total points
ID: 39816818
It's mostly a matter of requirements and bandwidth.  I'd advise that you start with consolidating all the different domains into one - there's no need to have separate domains unless you have reason to isolate them from one another.  It will make administration easier and allow people to log on even if they're not in their home branch.

Whether you have a server at each branch or centrally located is dependent on available bandwidth, response requirements, and preference.

If bandwidth is lower than traditional LAN speeds, then I'd have a domain controller/file server at each site.  But that's really up to you... you can test operation across the network to see if it's acceptable.

One common directory service is definitely better.
0
 
LVL 1

Author Comment

by:tmaster100
ID: 39817046
Ah, so what you're suggesting is to use both AD servers in Head Office to authenticate all PCs around the country over the WAN and have no AD at each branch site, just some NAS or something similar?
0
 
LVL 12

Expert Comment

by:mlongoh
ID: 39818046
Only if bandwidth supports it. Otherwise, have a DC at each location providing authentication/DNS/DHCP but have them all on the same domain (the DCs will replicate updates to each other).
0
 
LVL 1

Author Comment

by:tmaster100
ID: 39820372
Understand, thank you kindly.
0
 
LVL 1

Author Comment

by:tmaster100
ID: 39828598
So what you suggest is to set up Secondary AD servers in the forest that replicate with the first AD server so that all sites will be on the same domain. This makes sense, but can you configure these secondary servers to serve out their own DHCP ranges?  All our sites use a different Subnet for each location.

From what I understand Windows will always ask the DHCP server closest to it, as in on the same switch, for an IP. Is this correct?

We do have travellers that go from state to state and use a laptop. Due to web restrictions all staff are given a reserved IP (based on MAC) so I don't want to mess this up.
0
 
LVL 12

Expert Comment

by:mlongoh
ID: 39829485
Well, unless you have a DHCP helper feature enabled in your routers, the DHCP requests will never get beyond the routers - meaning they will stay with the subnet for each site.  So, yes, you can set up DHCP on each server and configure each for its respective site's subnet.  In essence, DHCP should function the same as it is now.
0
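
The layout described in the answers above (one domain, a DC at each location, each serving DHCP for its own subnet), as an added PowerShell example that is not part of the original thread. Site names, DC names, subnets and the MAC address are constructed, and the cmdlets assume the ActiveDirectory and DhcpServer modules of Windows Server 2012 or later.

```powershell
# Added example. Site names, DC names, subnets and the MAC are constructed.
# Assumes Windows Server 2012+ (ActiveDirectory and DhcpServer modules) and
# a single consolidated domain, called office1.local here for illustration.
Import-Module ActiveDirectory, DhcpServer

$domain = 'office1.local'
$sites = @(
    @{ Site='HeadOffice'; Dc='HO-DC1';  DcIp='10.1.0.10'; Net='10.1.0.0';
       Start='10.1.0.50'; End='10.1.0.200'; Gw='10.1.0.1' },
    @{ Site='Branch1';    Dc='BR1-DC1'; DcIp='10.2.0.10'; Net='10.2.0.0';
       Start='10.2.0.50'; End='10.2.0.200'; Gw='10.2.0.1' }
)

foreach ($s in $sites) {
    # Map each subnet to an AD site so clients locate their local DC.
    if (-not (Get-ADReplicationSite -Filter "Name -eq '$($s.Site)'")) {
        New-ADReplicationSite -Name $s.Site
    }
    New-ADReplicationSubnet -Name "$($s.Net)/24" -Site $s.Site

    # Authorize the site's DC as a DHCP server in AD; an unauthorized
    # domain-joined Windows DHCP server does not hand out leases.
    Add-DhcpServerInDC -DnsName "$($s.Dc).$domain" -IPAddress $s.DcIp

    # One scope per site, served only by that site's server. Without a DHCP
    # relay (helper) on the routers, requests stay inside the local subnet.
    Add-DhcpServerv4Scope -ComputerName $s.Dc -Name "$($s.Site) LAN" `
        -StartRange $s.Start -EndRange $s.End `
        -SubnetMask 255.255.255.0 -State Active
    Set-DhcpServerv4OptionValue -ComputerName $s.Dc -ScopeId $s.Net `
        -Router $s.Gw -DnsServer $s.DcIp -DnsDomain $domain
}

# A reservation belongs to one scope. A travelling laptop that must keep a
# fixed address at several sites needs one reservation per site's scope;
# elsewhere it receives an ordinary dynamic lease from the local pool.
$mac = '00-11-22-33-44-55'   # constructed MAC address
Add-DhcpServerv4Reservation -ComputerName 'HO-DC1' -ScopeId '10.1.0.0' `
    -IPAddress '10.1.0.60' -ClientId $mac -Name 'laptop-01' `
    -Description 'Travelling user, home site'
Add-DhcpServerv4Reservation -ComputerName 'BR1-DC1' -ScopeId '10.2.0.0' `
    -IPAddress '10.2.0.60' -ClientId $mac -Name 'laptop-01' `
    -Description 'Travelling user, visiting site'
```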