No announcement yet.

design AD for 4 branches of single company

  • Filter
  • Time
  • Show
Clear All
new posts

  • design AD for 4 branches of single company

    I want discuss a typical case where I have to provide Servers for a growing SME company. They have 4 sites and one head office. The IT manager sits only at one site, the other 4 sites are loosely managed by a local staff member only.

    Each site will have one file /AD server with average 20 to 40 users per site with their folder redirections configured to store file/folders to their site’s central server. Storage and backup for each site will be taken care of separately.

    I need help in designing Active Directory forest and decide what edition of Server OS shall I choose for them. They have around 4 internet domains but All 4 sites have staff working for one parent company. So there is one parent domain, and sort of 3-4 child domains under it. The IT manager wants to control the group policies and other maintenance tasks to be centrally managed by her from her office site.

    Is SBS 2011 suitable for such scenario? My dilemma is that though SBS is well suited for everything else, I cannot join it to a top level AD. The IT manager will have to control policies to all 4 different sites separately or is there a way to centrally control all 4 SBS from one single point ?? Can they replicate policies over a VPN ???

    Second decision involves E-Mail. I have a Dedicated server running with Webhost that runs AXIGEN mail server. it hosts around 100 users across 4 domains, one of which is a primary domain with around 50 users, these users are situated mixed at all 4 sites stated above. What I plan to do is, setup a local exchange (SBS) for each site, configure smart host and Rpop to the Internet Server running Axigen mail sever. This way each site will have an internal centrally managed email storage, plus for sending mails to external domains, exchange will relay the message to the internet mail server. The most basic requirement is Each individual site shall have its user’s mails centrally stored so tell me will SBS serve the purpose ??

    all 4 sites have a relatively independent function. other than some roaming profiles, like the stakeholder level people who are on laptops.... Also, the sites WON'T need to interconnect with each other as such, the VPN option would only be to implement company wide policies from one location to other 4 locations...
    Pls recommend, should I go for SBS at all 4 sites or should I install 2008 R2 at each site and then join then into one company Forest ???

    Please do ask if any other detail or info is required. I seek your advice to carefully design a centrally managed system for this growing company so that all licensing and hardware costs provide them a sufficient Return on investment without much upgrades or overhauling for the next 5 years or so…

  • #2
    Re: design AD for 4 branches of single company

    Simple answer: Get a Consultant

    One specific point -- do NOT get 4 x SBS as they will not trust each other. You will need a single domain spanning all sites unless you have a specific business case for subdomains
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    IT Trainer / Consultant
    Ossian Ltd

    ** Remember to give credit where credit is due and leave reputation points where appropriate **


    • #3
      Re: design AD for 4 branches of single company

      sbs is too small.

      get Server 2008 R2 DCs. Have 2 at the main office, and at least 1 at each additional office. You could make the branch sites using RODCs.

      use branchcache at the remote sites, to help reduce bandwidth for corporate data - you're already configuring all the redirected profiles at each remote site, so you don't need branch cache for that.

      I'd also use a single domain, no need to worry about sub domains, or separate domains.

      for mail server.. yea. get a proper exchange consultant.
      it's a bit project htough
      Please do show your appreciation to those who assist you by leaving Rep Point