Announcement

Collapse
No announcement yet.

simplify Active directory branch office implementation

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • simplify Active directory branch office implementation

    gurus,
    How many windows servers that we need to implement Active Directory Branch Office Guide?
    http://www.microsoft.com/downloads/d...displaylang=en

    My aim is server in Head Quarter can connect to 17 Branch Office.(Single Domain)

    - can we simplify the number of server that we used ?
    - can i install the Active directory without the Secondary DC?

    Thanks for the answer and sorry if i m in the wrong room..

  • #2
    Re: simplify Active directory branch office implementation

    Hi,
    There are some factors that you need to consider when planning the Active Directory infrastructure. I have listed some basic ones below to get you started.
    What are the speeds of the WAN links and how reliable are these links?
    How many people are on each end of the WAN links?
    Do you use Exchange and any other AD aware applications?
    Also the head quarters site you would want a minimum of two DCs

    Regards,
    Jamie

    Comment


    • #3
      Re: simplify Active directory branch office implementation

      Remember also that with Server 2008 you can use RODCs to increase security in small branch offices

      But as a minimum IMHO:
      2 DCs at HQ
      1 at each branch
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: simplify Active directory branch office implementation

        Originally posted by Jamie132 View Post
        Hi,
        There are some factors that you need to consider when planning the Active Directory infrastructure. I have listed some basic ones below to get you started.
        What are the speeds of the WAN links and how reliable are these links?
        How many people are on each end of the WAN links?
        Do you use Exchange and any other AD aware applications?
        Also the head quarters site you would want a minimum of two DCs

        Regards,
        Jamie
        hi jamie, thx for the reply..
        1. minimum speed of the WAN is 192Kbps while the max can up to 700Kbps
        2. There are more than 20 computers in the branch office that rely on their own AD.
        3. in the future after implement this, We want user in branches can have an exchange account.
        4. Why i need two DC? can i have it only one?

        Comment


        • #5
          Re: simplify Active directory branch office implementation

          Originally posted by Ossian View Post
          Remember also that with Server 2008 you can use RODCs to increase security in small branch offices

          But as a minimum IMHO:
          2 DCs at HQ
          1 at each branch
          thx for the reply,
          RODC need win server 2008 in each server, our application in branches still not compatible with that.. so we need to use win 2003 server.

          can you explain the configuration and the use of each 2 DCs at HQ and 1 at each branch..?

          Comment


          • #6
            Re: simplify Active directory branch office implementation

            Not a lot to explain really:
            HO -- one DC holding the FSMO roles and a second in case of disasters and to share the load
            Branches -- smaller number of users so only need a single DC -- if it is not available, users can authenticate over the VPN to HO
            Tom Jones
            MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
            PhD, MSc, FIAP, MIITT
            IT Trainer / Consultant
            Ossian Ltd
            Scotland

            ** Remember to give credit where credit is due and leave reputation points where appropriate **

            Comment


            • #7
              Re: simplify Active directory branch office implementation

              i think i need to install DC in every branches just in case the WAN link have a trouble.

              i got confuse following the documentation.. can we simplify it?

              Comment


              • #8
                Re: simplify Active directory branch office implementation

                But what is your goal with it. Sure you might get away with just one DC but performance, scalability and even reliability are out of the question in this scenario.

                How large are your branch offices? Personally if they are small and if you are tight on budget I would plan the branch office DC's carefully.
                Also you are stating that Windows Server 2008 Dc's are out of the question because of some applications? What applications?
                Marcel
                Technical Consultant
                Netherlands
                http://www.phetios.com
                http://blog.nessus.nl

                MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                "No matter how secure, there is always the human factor."

                "Enjoy life today, tomorrow may never come."
                "If you're going through hell, keep going. ~Winston Churchill"

                Comment


                • #9
                  Re: simplify Active directory branch office implementation

                  Its a small branch.. around maximum 20 computers.
                  This branches using R3 application that built with .Net, actually we have not fully testing it in 2008 environment. so i think we can still rely on 2003.

                  the full idea of having this is single sign on.
                  i though implementing branch office DC can solve this problem.

                  Comment


                  • #10
                    Re: simplify Active directory branch office implementation

                    With 20 users, I suggest a branch DC is a must
                    Tom Jones
                    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                    PhD, MSc, FIAP, MIITT
                    IT Trainer / Consultant
                    Ossian Ltd
                    Scotland

                    ** Remember to give credit where credit is due and leave reputation points where appropriate **

                    Comment


                    • #11
                      Re: simplify Active directory branch office implementation

                      I'd go with all the suggestion that have been made so far.

                      HO - Minimum of 2 DC's depending on the number of clients
                      BO - 1 DC per branch office site.

                      Regarding logons i'd ensure that each site, regardless of branch office or head office has a GC available to process logons.

                      Comment

                      Working...
                      X