One Site Multiple Physical Locations

Hello Experts,

I recently started working at a new company and while assessing their topology, there are changes I would like to make, but want to make sure how this could effect their current structure.

As it stand right now, this company has 1 Forest - 1 Domain - 1 Site - 2 DCs - 20 Different Physical locations.

Both DCs are running 2008 R2 and one is located at the Main Office and the other DC is located at an offsite location for disaster purposes.

My question is, I would like to separate each physical location into a separate site. For budget purposes right now, I will not have the option to purchase additional DCs. Am I going to run into problems if I create additional sites? Each physical location are currently using different networks. 10.10.20.0 - 21.0 - 22.0 etc. Seeing that they are all authenticating against DC1 what kind of walls would I come up against if I created separate sites?

Thanks for any recommendations or articles you can provide to help me with this question.
LVL 1
smartin0924Asked:
Who is Participating?
 
aces4all00Connect With a Mentor Commented:
Each site requires at least 1 DC so without purchasing additional DCs you can have 2 sites at most.  If you check I believe you will find users are authenticating against both DCs right now.  If you're looking to limit who authenticates to the DC at the DR location creating a separate site for it is not a bad idea.  Adding sites does introduce some administrative overhead (you'll need to keep your subnets in AD Sites and Services are up to date and assigned to the proper subnets) and other services like Exchange couple be impacted by the change.
0
 
Neil RussellTechnical Development LeadCommented:
Firstly ask yourself WHY you want to create 20 different AD sites? Just because you have 20 physical locations it does not follow that you MUST have 20 AD sites.

AD Sites serve a purpose, be it for authentication to different AD controllers or to allow Site specific GP's etc.  Dont' partition just because it seemed like a good idea at the time.

Can you explain WHY the need for 20 sites? This may help in answering the questions you ask.
0
 
Dave BaldwinFixer of ProblemsCommented:
I agree with @Neilsr.  And if I were your boss, I would want a Very good reason to spend the time changing something that is currently working.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
smartin0924Author Commented:
My first thought was just to structure the AD better so I could apply specific policies to the equipment in that location. We currently use roaming profiles and each time a user goes to a different site, we need to load printers for that user. I'm not 100% on roaming profiles and do not like having to use them so that will probably lead to another question or more research, but this was my first thought when looking into ideas to set things up.

Let me be clear, I am not wanting to change things just because. Im simply going off the bit of knowledge I do know. If there is a better solution, I am open for any and all ideas.

Thanks for replying
0
 
Neil RussellConnect With a Mentor Technical Development LeadCommented:
For a better understanding of what "Active Directory Sites" are have a read here
0
 
Dave BaldwinFixer of ProblemsCommented:
I suggest you start keeping a list of problems and solutions.  Or maybe more accurately, situations and actions required.  How many times does a user go to a different site?  Are you talking 1 out of 500 or 10 out of 20?  Things like that should tell you how much work it is costing your company.
0
 
smartin0924Author Commented:
Neilsr, thanks for the article. The part that talks about "Sites and subnets are represented in Active Directory by site and subnet objects, which you create through Active Directory Sites and Services. Each site object is associated with one or more subnet objects.
Each site is in a different subnet.

Dave, as far as how many times users are going to different sites, its daily. If someone calls out sick or there's an shortage in staff, they move staff around to help out.
0
 
smartin0924Author Commented:
Thank You aces4all00. OK, so the additional DC's will come into play then with the extra sites. That's what I was not clear on.  Thanks for the information, that changes the direction would like to go.
0
 
Neil RussellTechnical Development LeadCommented:
Just because "Each [physical] site is in a different subnet." does not mean you NEED to have AD sites set up.

Group policy can easily handle different printers for different computers in different locations without using Sites. Just use an OU structure that maps to your locations.

Also it is NOT true that EVERY AD Site must have a DC. You can have sites set up without a DC in it and people do so.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.