Re: Satellite Branch Office Woes
- From: "Herb Martin" <news@xxxxxxxxxxxxxx>
- Date: Tue, 16 Jan 2007 23:45:15 -0600
"Slandrum" <Slandrum@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1F627FFA-3853-4815-A637-61DE9F5D1637@xxxxxxxxxxxxxxxx
Thanks for the replies all.
A bit more info:
The client machine has a hard-coded IP address that includes the DNS entry
for the central site. All AD DNS entries are correct and available, and
both
the client subnet and the central subnet have reverse lookup zones
configured
in the (AD-Integrated) DNS. All DNS is internal, in all subnets, with
forwarders configured on the central DNS servers. Likewise, all SRV
records
are correct and available, including GC and DC entries, etc.
I am uncertain what you mean by a 'single label" domain name, unless you
mean the use of only a single character for the name. If so, this is not
the
case in my environment. The domain name is xxxxxxxx.com; with eight
characters, all text.
No, a name like "domain" or "microsoft" as opposed to a 2-label name
like domain.com or microsoft.com.
Single label domain names are technically legal but SHOULD be forbidden
because they lead to trouble.
Putting a DC in the remote client subnet is a non-starter, as the whole
point of a "satellite branch office" is to provide Directory and all other
services from the central site, "eliminating the need for costly server
hardware in the remote site". According to Microsoft, this is a perfectly
viable solution, and one that I would imagine is in use in literally
thousands of businesses.
No, that is not a full reading of Microsoft recommendations.
It may be correct in THIS case but it is incomplete, so start with this:
"Access to domain resources requires domain authentication".
IF access to domain resource is critical, and if you (like most people)
consider that single WAN lines are not fault tolerant then you have to
decide:
"Do we have any local (to the SBO) domain resources?"
AND
"Would access to those local domain resource hurt our business if
it were lost?"
Then you calculate the rough cost of that loss (like lost sales etc or
lost work hours by employees who have nothing to do) and estimate
the likelyhood it will happen.
You compare this to the cost of local (possible redundant) DCs and
DNS etc and decide which is CHEAPER for the company or rather
which will lead to "Making more money now and in the future for
the business."
In many sites with only a few users the likely loses don't justify the
added expense; in large sites it usually does.
The hard cases are usually in the 5-20 user range, but the key is NOT
that precise number but the loss or gain to YOUR business.
Technically you might need a DC for only a few people (BillG house
maybe) or be willing to do without for 50 or more but I have trouble
inventing an example of the latter <grin>
--
Herb Martin, MCSE, MVP
http://www.LearnQuick.Com
(phone on web site)
.
- References:
- Satellite Branch Office Woes
- From: Slandrum
- Re: Satellite Branch Office Woes
- From: Ace Fekay [MVP]
- Re: Satellite Branch Office Woes
- From: Slandrum
- Satellite Branch Office Woes
- Prev by Date: Re: Disabling Wireless via Group Policy
- Next by Date: Re: Domain Password Policies
- Previous by thread: Re: Satellite Branch Office Woes
- Next by thread: Re: Satellite Branch Office Woes
- Index(es):
Relevant Pages
|
