Announcement

Collapse
No announcement yet.

Forest - domain question

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Forest - domain question

    For the moment my company has 8 European locations, each with their own domain and no trusts, connected by a WAN.

    We are looking in to the possibility to use
    A) one forest, one domain (and work with sites)
    B) on forest, multiple sub-domains (with trusts)

    All DC will be 2003 server.

    Could someone answer these quesions ? :

    1) If you work with the multiple domain model, do you need additional DC's for the top domain ? Or is it possible to run this on DC's of a sub-domain.

    2) If you work with the multiple domain model, is it easy for the user from sub-domainA to go to sub-domainB and use printers and networkdrives? Or do you need to use the single domain model for this task?

    3) What model do you guys recommend ?

    4) Is there an estimation how much act. dir. traffic will occur in both models?

    5) When using the one domain model, can you still work with offline files ? How can it detect it's offline and why won't it start replicating over the WAN?

    I hope someone can help me,

    tnx alot !

    Hans

  • #2
    1) If you work with the multiple domain model, do you need additional DC's for the top domain ? Or is it possible to run this on DC's of a sub-domain.
    Yes. You will need separate DCs for the forest root domain if you go for empty root model (empty root domain + child domains)

    2) If you work with the multiple domain model, is it easy for the user from sub-domainA to go to sub-domainB and use printers and networkdrives? Or do you need to use the single domain model for this task?
    This is transparent. As long as the user account and the resource are in the same forest, the authentication is seamless.

    3) What model do you guys recommend ?
    Depends. This is not only technical issue. Things you will need to consider:
    1. who will manage local sites ? Are the sites centrally managed or each site has it's own support folks ?

    2. time zones - if you are spread all over the world, you might want to design the AD the way that a single domain will not span more than 8-12 time zones - this way you can introduce critical changes at night, knowing that it does not affect end users

    3. Are you planning to deploy Exchange ?

    4. How do you provision account creation ? Does a new account has to be authorized by HR department ? You might consider putting all user accounts in one domain and have child domains for site's computers/servers. Kind of "Account/Resource" approach if you are familiar with NT world.

    5. This is very important topic. Generally it is a good idea to collapse domains into more centrally managed units (single domain), but I guess that local site admins will oppose, as they will not have the level of permissions they used to have. Think this one out very carefully - the decision will greatly depend on the willingness of local site admins to cooperate.

    4) Is there an estimation how much act. dir. traffic will occur in both models?
    I do not believe there exists a magic formula to figure the network traffic. See my reply in the other thread you started on this topic.

    5) When using the one domain model, can you still work with offline files ? How can it detect it's offline and why won't it start replicating over the WAN?
    Do not quite understand the question, but there is no difference between single or multiple domain models in regards of the way offline folders work.
    Guy Teverovsky
    "Smith & Wesson - the original point and click interface"

    Comment


    • #3
      Guy, thank you for your insight.

      About question 5 :

      The problem we are having with offline files is that if the pc detects a connection to his "home server" over the WAN (>128k) it starts replicating and works online.
      I enabled slowLindDetection in via Group policy but this doesn't seems to work. Do you know another way to tell the pc : Now you are offline, Now are you online.

      I found this reg entry (but then you have to reboot every time)


      Windows Registry Editor Version 5.00

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\NetCache]
      "Enabled"=dword:00000001
      "DefCacheSize"=dword:00000220
      "GoOfflineOnSlowLink"=dword:00000001


      Tnx Guy !

      Comment

      Working...
      X