Re: Active Directory Setup Advice
- From: "ctvader" <jeff.swift@xxxxxxxxx>
- Date: 5 Jul 2006 13:02:45 -0700
If you use on Domain (we're set up this way) and have a DC in each
site, then the users will authenticate to the DC in their site,
provided your sites and dns are setup correctly.
If you use multiple domains, the complexity can grow pretty fast - ex:
two DC's per domain (in case one crashes, placement of accounts,
machines, policies, etc. Multiple domains should be used when the OU's
dont fit your security models.
I would recomed at least two DC's in your main site and one DC in each
remote site, seperating OU's into geographical sites. This will afford
you the flexibility of specific settings for each site.
I hope this helps and i'm sure others will have varying opinions. If
you have more questions, keep them coming.
Matt Berry wrote:
I am just trying to work out what people usually do in this scenario. As
would it be best to have sub domains for remote offices or a single domain?
Surely there is a limit to how many machines can be in a single domain model?
Say I have someone logon at central office and configured as single domain I
understand that will go to the nearest DC and logon. What happens if you use
sub domains does that then go back to the server at the sub domain to logon
or will the local server still process logons.
Bit confused about the process of what happens in these 2 scenarios. any
explinations of the 2 would be a help.
"ctvader" wrote:
Matt,
You really cant seperate in Netowrk Neighborhood by using one domain
but you can organize it by using different characters in the machine
names. Why is the browsing via network neighborhood so important?
Just trying to find more info to help you...
Matt Berry wrote:
I was thinking one domain would be easiest solution, but how do you then
seperate in network neighbourhood to show seperate offices etc? As don't
really want all machines showing up in one big list. As need to determine
which site it is at by browsing.
"Anthony" wrote:
The issues you need to resolve are separate.
Unless you have incompatible security requirements between the sites, you
only need one domain for all.
You need a domain controller anywhere where you have slow links (e.g ADSL)
or you want people to keep working if the line goes down, and if you can
afford it. If you have fast and reliable links you don't even need that.
Computers will connect to the nearest DC if it is available, but if it isn't
they will find any other.
Anthony
"Matt Berry" <MattBerry@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E004B77C-032B-4271-82FD-ACD3CA43682C@xxxxxxxxxxxxxxxx
What is the best way to configure AD if using 1 central site of around 60
users and another site with 30 which the main traffic goes between. Then 8
satellite offices that connect to the central site.
Should we setup one large single domain that everyone logs into. Meaning
that remotes can talk to any dc that answers a request when logging on?
So everything is under mycompany.local or using sub domains for each site
such as location.mycompany.local at each site?
What would be the best way to configure this and what are the
advantages/disadvantages?
.
- Follow-Ups:
- Re: Active Directory Setup Advice
- From: Matt Berry
- Re: Active Directory Setup Advice
- References:
- Re: Active Directory Setup Advice
- From: Anthony
- Re: Active Directory Setup Advice
- From: ctvader
- Re: Active Directory Setup Advice
- From: Matt Berry
- Re: Active Directory Setup Advice
- Prev by Date: Re: adding a DC to an existing SBS 2003 domain
- Next by Date: Re: KCC connections for replication
- Previous by thread: Re: Active Directory Setup Advice
- Next by thread: Re: Active Directory Setup Advice
- Index(es):
Relevant Pages
|
Loading
