Active Directory Noob Alert

  • Thread starter Thread starter Joseph
  • Start date Start date
J

Joseph

I apologize in advance for the lengthy discourse here.

We are a mediumsized organization (1,000 + users) making final
preparations to migrate from an NT domain structure to Active
Directory. Part of our organization is a ship with it's own small LAN
and domain. They are at sea eight to nine months a year. Full time
satellite connectivity is not an option (financial). Up until now, we
have merely re-established the trust between their domain and ours
when they tie up and "plug in" so they can access resources in our
domain. Once we go fully native, what are our options for them to
access our resources when they are in port? Access when they are at
sea is not an issue. TIA.
 
Ideally your ship would be a child domain of your land based forest, or even
just an OU in the domain. Unfortunately, this isn't going to work out. If AD
DCs are disconnected for more than 60 days at a time, things get screwy with
replication, and deleted objects will start showing up. If you can be sure
that the ship will dial in and replicate at least once every 60 days, a
child domain in the land-based forest is fine. Domains in a forest have
transitive trusts, so they all trust each other. When the ship is docked,
resources will be accessible between the domains.

If you cannot guarantee that the ship will dial-in every 60 days, you'll
need to setup a seperate forest, and then hav the ship's domain trust the
land-based domain.

--
--
Brian Desmond
Windows Server MVP
(e-mail address removed)12.il.us

Http://www.briandesmond.com
 
Back
Top