Re: Flat domain to start off?



Thank you Brian. I'll set up a test environment in Virtual Server 2005 to
try this out.



"Brian Delaney" <BrianDelaney@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5EB420FA-4271-40FA-BC45-BDAF727AF478@xxxxxxxxxxxxxxxx
Yes, it would probably be best to make each remote DC a GC; this way each
site can operate independently if one of the WAN connections were to go
down.

Moving computers is quite simple if you do need to do that in the future.
Check out the tool ADMT (Active Directory Migration Tool) v3. This will
allow you to move computer and user accounts from one domain to another
within the forest, or copy computer and user accounts to another forest.

Brian Delaney

"John" wrote:

Hi Brian,

Thank you very much for your response. We have about 800 users at the
moment. I was told I need to assign each domain controller as a GC
server.

So with a flat domain, everyone will belong to company.com similar to our
existing configuration. I think this is the easiest way to do it. However,
if I do need to move computers/users to a sub-domain, would it be too
difficult to do?

Thanks again for your help.

John


"Brian Delaney" <BrianDelaney@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:13FD20BB-CBCB-4ECF-A017-64E361D7B973@xxxxxxxxxxxxxxxx
Whenever possible a single domain is the way to go. Replication in 2003
is also much more efficient and configurable than NT4. You can easily
create Sites with schedules to allow replication to your overseas offices
during off-peak hours. Also, with the configuration of subnets you will be
able to control the DCs that your client computers authenticate against to
prevent authentication from crossing slow WAN links.

If you do however have a substantial number of users (>50,000) you may
want to consider additional domains based on geographic location to
further reduce the replication. But I suspect since you are using a single
NT4 domain you do not have nearly that many users.

One important thing to watch for when moving to 2003 is that XP and 2000
clients will not authenticate against an NT4 BDC once they have
authenticated against a 2003 DC. So you may want to have a look at the
article: http://support.microsoft.com/kb/298713/en-us which discusses how
to prevent overloading your first 2000/2003 domain controller by utilizing
the NT4Emulator registry key.

Hope this helps,

Brian



"John" wrote:

Currently we have an NT4 domain structure across our sites - 2 main
offices and a few small remote offices overseas. Each office location has
a different IP address range such as:

office 1 - 10.1.x.x
office 2 - 10.10.x.x
office 3 - 10.20.x.x

At the present time, it's one flat domain. Can we start off with
upgrading our existing NT4 PDC to AD 2003, keeping the same structure and
same domain name as our existing NT4 domain? Down the road, create
sub-domains and migrate users and computers to these sub-domains? One
sub-domain can be like office1.company.com and move all computers/users
that belong to office location 1 to that domain.

One thing I'm concerned about is we have slow links between overseas
offices. At the present time, these offices have local BDCs but we have to
block the traffic between PDC and BDC, or else it kills the link. Would
keeping a flat domain be doable?

Appreciate your comments.
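
Added example, not part of the original thread: a small planning check for the subnet-to-site mapping Brian describes, showing which clients would find a DC in their own site and which would authenticate across a WAN link. The /16 masks are assumed from the 10.1.x.x style ranges above; the site names, the extra /24 branch subnet and the DC addresses are hypothetical.

```python
import ipaddress

# Constructed plan. Masks assumed from the thread's 10.1.x.x style ranges;
# site names, the /24 branch subnet and DC addresses are hypothetical.
SUBNET_TO_SITE = {
    "10.1.0.0/16": "Office1",
    "10.10.0.0/16": "Office2",
    "10.20.0.0/16": "Office3",
    "10.20.8.0/24": "Office3-Branch",
}
DC_ADDRESSES = {"dc1": "10.1.0.10", "dc2": "10.10.0.10", "dc3": "10.20.0.10"}


def site_for(ip, subnet_to_site=SUBNET_TO_SITE):
    """Return the site of the most specific subnet containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, site in subnet_to_site.items():
        net = ipaddress.ip_network(cidr)
        # AD picks the most specific (longest prefix) subnet object.
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, site)
    return best[1] if best else None


def audit(clients, dcs=DC_ADDRESSES, subnet_to_site=SUBNET_TO_SITE):
    """Classify client IPs by whether their site has a DC of its own."""
    dcs_by_site = {}
    for name, ip in dcs.items():
        dcs_by_site.setdefault(site_for(ip, subnet_to_site), []).append(name)
    report = {"local": {}, "unmapped": [], "no_local_dc": []}
    for ip in clients:
        site = site_for(ip, subnet_to_site)
        if site is None:
            # No subnet object matches: the client is not tied to any site,
            # so nothing keeps its logon traffic off the slow links.
            report["unmapped"].append(ip)
        elif site not in dcs_by_site:
            # Site exists but holds no DC: authentication leaves the site.
            report["no_local_dc"].append(ip)
        else:
            report["local"][ip] = sorted(dcs_by_site[site])
    return report


if __name__ == "__main__":
    print(audit(["10.1.4.20", "10.20.8.5", "10.30.1.1", "10.10.200.7"]))
```

Run it against a sample of real client addresses before cutting over; anything under `unmapped` or `no_local_dc` is a subnet or DC placement to fix first.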








