Announcement

Collapse
No announcement yet.

active directory multiple sites

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • active directory multiple sites

    We currently have 4 remote locations with two standalone Win 2003 servers at each location. Each location has 4 workstations. The workstation access a data base on the local servers. All of the servers and workstations authenticate via a broadband VPN tunnel to a central site with a windows 2000 server as the domain controller/AD. The problem is that the Broadband connection is not reliable and periodically gets dropped.

    Should we do DCPROMO at each location and create a backup domain controller?
    Would it create network traffic when all four locations try to replicate?
    Should I just make each individual location its own separate network since they are independent of each other.

    Any suggestions will be appreciated.

    TK

  • #2
    Re: active directory multiple sites

    Personally I think your better off upgrading your DC in the main office to W2K03 and then promoting a server in each office to be a DC as well thus all users authenticate with. There would initially be some traffic when it replicated with the main DC but then you can configure replication schedules to only replicate AD data after hours.

    You also have redundant DC's in your environment (Unless you main site has 2 DC's)

    Or you could wait for W2K08 and deploy a Core build RODC (Read Only Domain Controller) for added security.

    Hope this helps

    Michael
    Michael Armstrong
    www.m80arm.co.uk
    MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

    Comment


    • #3
      Re: active directory multiple sites

      Agreed, I was in a similar position just recently with sites that had dodgy links. Put a DC at each site and each site can function if the link is down. A bunch of FRS alerts lets you know when it was offline too.

      Just plan your sites and IP address ranges right.

      Have a google for the Microsoft Branch Office INfrastructure doco-really nice.

      Comment


      • #4
        Re: active directory multiple sites

        OK, we did a DCPROMO at each site, but did not upgrade 2000 server to 2003.

        After the promotion we can't do a remote desktop to any of the 3 Windows 2003 servers. When clicking on the down arrow to select domain it doesn't even have the "local machine" .

        Your continued help is appreciated.

        Comment


        • #5
          Re: active directory multiple sites

          Originally posted by tkc View Post
          OK, we did a DCPROMO at each site, but did not upgrade 2000 server to 2003.

          After the promotion we can't do a remote desktop to any of the 3 Windows 2003 servers. When clicking on the down arrow to select domain it doesn't even have the "local machine" .

          Your continued help is appreciated.
          If they are domain controllers there is no local user database; you will therefore need a domain account with rights to log in remotely.


          Tom
          For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

          Anything you say will be misquoted and used against you

          Comment


          • #6
            Re: active directory multiple sites

            Originally posted by Stonelaughter View Post
            If they are domain controllers there is no local user database; you will therefore need a domain account with rights to log in remotely.
            We can't even login through Remote Desktop with the administrator account.
            Is there a way to bring back the builtin "remote desktop users" group? The group disappeared after the DCPROMO.

            Comment

            Working...
            X