AD Sites and Services

  • AD Sites and Services

    In the past I have only worked with organizations that were in the same geographical area, so sites and services was kind of overlooked. In many organizations DCs, DNS, and DHCP were also centralized so remote locations did not have these services.

    I am currently working in an organization that has remote sites in different countries and different states here in the US. We are all connected via a private MPLS. I am trying to figure out the best replication process. All remote sites have 2 DCs currently; I am trying to get this to one per site. My main site has 4 currently, but I am trying to get that to two. Now at every location I have designated a bridgehead server, which means the replication will go to and from this one specifically and then replicate to its local mate. The bridgehead server is set to replicate with its local mate and one server at HQ.

    Shouldn't the bridgehead server replicate with both DCs at HQ in case one fails?

  • #2
    Re: AD Sites and Services

    Have you thought about using RODCs in the remote sites?
    Joined: 23rd December 2003
    Departed: 23rd December 2015


    • #3
      Re: AD Sites and Services

      We have, but currently all DCs run 2003 at remote sites, so an upgrade plan is needed.


      • #4
        Re: AD Sites and Services

        I'm sure I replied to this earlier, but clearly something went wrong with the post.
        Bridgehead servers are the preferred route between sites, and override the KCC:

        IMHO don't use them -- let the KCC get on with what it is good at!
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd

        ** Remember to give credit where credit is due and leave reputation points where appropriate **
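
A read-only check of the failure case raised in the first post, added here as an example and not posted by anyone in the thread: once preferred bridgeheads are designated for a site, the KCC chooses only among them, so a site with a single preferred bridgehead stops replicating between sites while that server is down. The script assumes PowerShell 3.0 or later, the ActiveDirectory RSAT module, and at least one reachable DC running Active Directory Web Services; the report property names are made up for the example.

```powershell
# Added example: read-only audit of preferred bridgeheads and manual connections.
# Assumes the ActiveDirectory module and a DC that runs AD Web Services.
Import-Module ActiveDirectory

$configNC  = (Get-ADRootDSE).configurationNamingContext
$sitesBase = "CN=Sites,$configNC"

# A server object is a preferred bridgehead when its bridgeheadTransportList
# attribute names at least one transport (IP or SMTP).
$preferred = Get-ADObject -SearchBase $sitesBase `
    -LDAPFilter '(&(objectClass=server)(bridgeheadTransportList=*))' `
    -Properties bridgeheadTransportList

if (-not $preferred) {
    'No preferred bridgeheads set; bridgeheads are selected automatically.'
}

# Server DN layout: CN=<server>,CN=Servers,CN=<site>,CN=Sites,<configNC>
$bySite = $preferred | Group-Object {
    ($_.DistinguishedName -split ',')[2] -replace '^CN=', ''
}

# One row per site; a count of 1 means no fallback bridgehead for that site.
$report = foreach ($site in $bySite) {
    [pscustomobject]@{
        Site                 = $site.Name
        PreferredBridgeheads = ($site.Group | ForEach-Object { $_.Name }) -join ', '
        Count                = $site.Count
        SinglePointOfFailure = ($site.Count -eq 1)
    }
}
$report | Sort-Object Site | Format-Table -AutoSize

# Connection objects created by hand are not maintained by the KCC, so list
# them separately; AutoGenerated is false for manually created connections.
Get-ADReplicationConnection -Filter * |
    Where-Object { -not $_.AutoGenerated } |
    Select-Object Name, ReplicateFromDirectoryServer, ReplicateToDirectoryServer |
    Format-List
```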


        • #5
          Re: AD Sites and Services

          But if I have 12 domain controllers at one site and replication heads to that site, isn't it going to direct replication at all 12 DCs, essentially creating 12 unicast streams of data over the WAN, rather than one stream to hit the BH and then let the BH replicate over the local LAN?