Announcement

Collapse
No announcement yet.

Active Directory Requirements for an organisation with several branch offices.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Active Directory Requirements for an organisation with several branch offices.

    Hi,

    Friends, I dont have much idea for the pre - requirements to be considered for installing Active Directory for an organisation with several branch offices.Can you Please help me what all i should be aware and requirements while installing AD ?

    Thanks in Advance


    Regards,
    Anish

  • #2
    Re: Active Directory Requirements for an organisation with several branch offices.

    What infrastucture do you have in place already?
    is there an existing domain?
    Do you have permanent connections (VPN or LL) to the offices?
    How many users in each location?
    What is your budget?

    Have you considered a consultant?
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Active Directory Requirements for an organisation with several branch offices.

      Currently, our organisation does not have any domain.
      AD has to be installed in a new domain.
      There are around 200 locations with around 10-20 users in each of the offices.
      The connections to branches are using Leased line / VPN.

      Regards,
      Anish

      Comment


      • #4
        Re: Active Directory Requirements for an organisation with several branch offices.

        Given the size of the organisation (2000-4000 users) and the lack of any existing AD infrastructure, I would strongly recommend getting in a good consultant. The cost will be far less than the cost of correcting mistakes if you do it yourself.
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Active Directory Requirements for an organisation with several branch offices.

          Hi,

          You are right. But can you please tell me the recommendations from your side required for AD installation in order to control remote offices from this central server.

          Thanks

          Regards,
          Anish


          Originally posted by
          Ossian;262941
          Given the size of the organisation (2000-4000 users) and the lack of any existing AD infrastructure, I would strongly recommend getting in a good consultant. The cost will be far less than the cost of correcting mistakes if you do it yourself.

          Comment


          • #6
            Re: Active Directory Requirements for an organisation with several branch offices.

            OK - but please remember these are very general steps
            1) Learn a LOT about AD -- qualify yourself to MCITP (Enterprise Admin) and train your IT team to MCITP (Server Admin)
            2) Set up domain in main office -- ideally a test environment for you to practice with
            3) Learn about group policies and consider how they should apply in your environment
            4) Set up a domain in the main office with 2 DCs, add users, create and apply production group policies, join main office PCs
            5) Add servers to nearby branch offices and promote to DCs, add branch office users and add branch office machines to domain
            6) Repeat 5 until all offices are added

            Active directory provides central administration so with this model (one domain, multiple sites) you will be able to manage any site from any other location
            Tom Jones
            MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
            PhD, MSc, FIAP, MIITT
            IT Trainer / Consultant
            Ossian Ltd
            Scotland

            ** Remember to give credit where credit is due and leave reputation points where appropriate **

            Comment


            • #7
              Re: Active Directory Requirements for an organisation with several branch offices.

              Thanks you very much Sir, Is it good to go with RODC or DC in remote branch offices ? In this case, there are around 20 users in one branch.

              Also, Having two servers in the main location, do you mean one to be used for having the fsmo roles and other for backup ?

              Thanks

              Regards,
              Anish



              Originally posted by Ossian View Post
              OK - but please remember these are very general steps
              1) Learn a LOT about AD -- qualify yourself to MCITP (Enterprise Admin) and train your IT team to MCITP (Server Admin)
              2) Set up domain in main office -- ideally a test environment for you to practice with
              3) Learn about group policies and consider how they should apply in your environment
              4) Set up a domain in the main office with 2 DCs, add users, create and apply production group policies, join main office PCs
              5) Add servers to nearby branch offices and promote to DCs, add branch office users and add branch office machines to domain
              6) Repeat 5 until all offices are added

              Active directory provides central administration so with this model (one domain, multiple sites) you will be able to manage any site from any other location

              Comment


              • #8
                Re: Active Directory Requirements for an organisation with several branch offices.

                RODC or DC is up to you, but remember RODCs will cause extra network traffic. Personally, for 20 users, I would implement a full DC / DNS / DHCP server but other opinions may differ

                Multiple DCs are for redundancy - the first will be the FSMO holder unless you move them, but the key is to maintain AD if one fails. Additional sites are less important and can survive with a single DC.

                Should have mentioned, you will need to review your IP schema and make sure each site is on its own subnet, and create all the sites in ADSS
                Tom Jones
                MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                PhD, MSc, FIAP, MIITT
                IT Trainer / Consultant
                Ossian Ltd
                Scotland

                ** Remember to give credit where credit is due and leave reputation points where appropriate **

                Comment


                • #9
                  Re: Active Directory Requirements for an organisation with several branch offices.

                  Thank you for your advice sir..... It was helpful

                  Comment


                  • #10
                    Re: Active Directory Requirements for an organisation with several branch offices.

                    Originally posted by Ossian View Post
                    RODC or DC is up to you, but remember RODCs will cause extra network traffic. Personally, for 20 users, I would implement a full DC / DNS / DHCP server but other opinions may differ

                    Multiple DCs are for redundancy - the first will be the FSMO holder unless you move them, but the key is to maintain AD if one fails. Additional sites are less important and can survive with a single DC.

                    Should have mentioned, you will need to review your IP schema and make sure each site is on its own subnet, and create all the sites in ADSS
                    Sounds like a similar setup to a company I worked for a couple of years ago.
                    2000 employees, 100 branches across the country.

                    Each branch had:
                    1 PIX to VPN back to the main office
                    10.x.y.z - Y was unique per office with the office IP schema normalized across all offices (e.g. *.*.*.10 was always the server, .5 was WiFi, .1 was the PIX, .20-30 was for printers, .100 and up was for PCs).
                    1 dedicated DC / DNS / DHCP / file / print server per office
                    Each computer used Exchange over HTTPS to connect to email (Server 2003 back then)

                    We also synced certain remote DC folders late at night to the main office servers (software the users occasionally needed and whatnot).
                    ** Remember to give credit where credit is due and leave reputation points where appropriate **

                    Comment


                    • #11
                      Re: Active Directory Requirements for an organisation with several branch offices.

                      Thanks for the information..


                      Regards,
                      Anishk


                      Originally posted by Wired View Post
                      Sounds like a similar setup to a company I worked for a couple of years ago.
                      2000 employees, 100 branches across the country.

                      Each branch had:
                      1 PIX to VPN back to the main office
                      10.x.y.z - Y was unique per office with the office IP schema normalized across all offices (e.g. *.*.*.10 was always the server, .5 was WiFi, .1 was the PIX, .20-30 was for printers, .100 and up was for PCs).
                      1 dedicated DC / DNS / DHCP / file / print server per office
                      Each computer used Exchange over HTTPS to connect to email (Server 2003 back then)

                      We also synced certain remote DC folders late at night to the main office servers (software the users occasionally needed and whatnot).

                      Comment

                      Working...
                      X