I have a client that has a corporate office and 67 remote small (4-5 workstation) retail shops. Previously, several of these locations had servers installed in them for various reasons, but all of those remote servers are on completely different Active Directory domains.
Considering that all of those remote retail shops are small and are connecting back to the corporate site over IPSec VPN tunnels, is there any reason why those servers should not be on the *same* domain as the corporate AD?
What I want to do is remove those AD domains and just bring those servers into the corporate AD domain, but leave them as just simple file and application servers (maybe provide DNS and DHCP locally).
I just do not see a reason to have those small networked servers as their own domains. Unless it was set up that way because it was a Microsoft "best practice". But that is not how I learned to implement AD domains.