AD/OU design, multi site config??

  • AD/OU design, multi site config??

    Hi,

    I need to set up AD for a multi site organization. I'd like to keep this as simple as possible. W2k8 OS

    Site to Site VPN's already in place. All on different subnets. Most are cable connections with 5 MB up and 15-20 MB down. One is DSL at 512 KB up/down.

    OU config. - I'm planning on creating an OU for ALL workstations and an OU for Mobile devices.

    Mobile devices travel to the remote sites as well as work from home via VPN client software. Vista Business/XP Pro

    Main site will have the PDC running DNS and hold the local users files.

    One remote site will have a secondary DC.

    5 sites will authenticate over the VPN's. (3-10 users each site)

    1) Should I create OU's for each site or can I keep it as above? Advantages/disadvantages?

    2) "My Docs" redirection on remote PC's and mobile devices? Most users do not create docs or are light users. I'm concerned about the added tunnel traffic.

    3) Remote site IP via DHCP - All sites currently get IP addressing from the firewalls. DNS is pointed to the local ISP. For AD to work correctly, DNS needs to be pointed to the AD/DNS server at the main location. Again, I'm concerned about the added traffic. All users are moderate to heavy Internet users. I want ALL INTERNET traffic to go out the local WAN and not out the WAN of the main office. How does this work if DNS is pointed to the internal server? Do I configure the primary DNS to point to the internal server and add the local ISP DNS as second and third?

    4) Adding the secondary DC?? w2k3 OS - Anything special I need to know? Do I need to make any changes to the PDC?

    5) We may eventually add additional DC's at remote sites if needed.


    Please offer any suggestions as I'm all ears.


    Thanks,

    e

  • #2
    Re: AD/OU design, multi site config??

    For the OU's. It would depend on how different each of the sites are to what you are doing. I find it very useful to create an OU for each location, then add business units/functions under each location. This allows for more granularity when applying group policies. Disadvantage... the only thing that I can think of is that you may "over complicate" your structure by trying to do too much, but I feel it leaves room for future growth if properly thought out.

    For the My Doc's redirection, I don't think, if they are light Doc users over a 5mb connection, you would have much of a problem with that; however, they may find the access a little slow because it isn't on a 100MB LAN. I would set them up for My Doc's redirection but also set them up for offline files and have them work off a local copy and sync when they close down at night. That way the line is free and clear during the day, and they replicate when they go home and they are working locally throughout the day.

    DNS.. again.. 3-10 users at each site on a 5mb connection, not gonna flood your gates with that. It may make the "internet" run slower because of the path of DNS resolution for the client, but your bandwidth will be fine. Anything short of having an active directory integrated DNS zone at each location, not much of a way of getting around this.

    As for the 2k3 DC in a 2008 domain. Shouldn't be anything in particular. I am running a 2008 in my 2003 domain and there is no problem.
    Daniel Frei
    -Windows Operations Server Administrator
    -Exchange Guru
    -Cisco Fanatic
    -SharePoint Hippie
    -Volkswagen Enthusiast

    www.lazynetworkadmin.com


    • #3
      Re: AD/OU design, multi site config??

      Thanks for your input.

      Where do I find the "offline" files and sync setting/config for the My docs redirect?

      Thanks,

      e


      • #4
        Re: AD/OU design, multi site config??

        You would modify this via group policy.
        In 2008 it is
        User Configuration -> Policies -> Administrative Templates -> Network -> Offline Files

        2003 will be a similar path
        Daniel Frei
        -Windows Operations Server Administrator
        -Exchange Guru
        -Cisco Fanatic
        -SharePoint Hippie
        -Volkswagen Enthusiast

        www.lazynetworkadmin.com


        • #5
          Re: AD/OU design, multi site config??

          Thanks,

          On a side note - Very stupid question but how do I get the threads in this forum to list from the first to the last? I currently view the most recent first. This is a pain when I'm reading other posts that are multiple pages. I need to start at the end and work my way back.

          e
