Re: what new 2008 AD features may I want to consider for this?

I would try and avoid making a DC anything other than just a DC (With the exception of it being an RODC which you suggested). If you have large numbers of users at remote sites or if your vpn connection is unreliable, then this is a perfect candidate for a dc at the remote location. If you have remote dc's setup then you need to ensure the bandwidth is available for replication and while setting this up the DS replication doesn't consume the bandwidth available. As far as an RODC is concerned you will need to make sure that each remote RODC has a 2008 writable dc available to it so that replication properly works, so you will have to upgrade more than the remote sites.


--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.


"James" <noone@xxxxxxxxxxx> wrote in message news:ep$2uG4lJHA.1292@xxxxxxxxxxxxxxxxxxxxxxx
I will have a handful of sites geographically spread out across the globe... this active directory deployment is only to support a deployment system, which is using WDS and DFS-R, both of which require active directory. There is really only a couple of user accounts that will be used (by many users though, more like a role). There is a 'central' server where all edits to anything will be done from (like the share that is replicated via DFS-R), each other location will have a deployment server with a replica of this file share (each server will also be running DHCP/WDS to support deployment on it's subnet).

Right now I'm trying to figure out if I should make each of these other deployment servers member servers or additional domain controllers? One thing that comes to mind is avoiding user authentication over the WAN... I assume there are other considerations as well... is this a good scenario for the new Read-Only Domain Controller?

any input would be appreciated, thanks.

.

Relevant Pages

  • Re: DNS Forward lookup problem - now having problems with a period
    ... How did you set the replication scopes in the zone's properties in DNS on ... > each DNS server? ... to the remote 10.0.2.3 server, which runs on cable (we are working on ...
    (microsoft.public.windows.server.dns)
  • Re: Advice Needed: Asynchronous Replication/Mirroring to central o
    ... Looking for a SQL Server replication book? ... field offices return data to the central office so some of this "advanced" ... geographically-dispersed remote locations. ...
    (microsoft.public.sqlserver.replication)
  • Re: Advice Needed: Asynchronous Replication/Mirroring to central o
    ... Looking for a SQL Server replication book? ... geographically-dispersed remote locations. ...
    (microsoft.public.sqlserver.replication)
  • Re: Remote site not replicating after ISA upgrade
    ... Both ISA and AD are configured in hub and spoke layout. ... server here in our main office. ... I can also remote desktop from the home into ... replication traffic that is being blocked by ISA. ...
    (microsoft.public.windows.server.active_directory)
  • Re: what new 2008 AD features may I want to consider for this?
    ... It appears the most significant unkown to me at this point, is with regard to WDS. ... The servers are not for internal use as in a typical corporate deployment scenario, they will be for end-customers, and the final specific 'role' of the server is configured upstream by a different department. ... RODC unidirectional replication also applies to both Active Directory and Distributed File System Replication. ...
    (microsoft.public.windows.server.active_directory)
Loading