Hi Cary
Thanks for responding. I didn't understand the benefit of a GC at
each site until I after I read your post. I did some more reading
online and from what I understand, a GC will contain a full replica of
AD objects within its host domain. I guess I'll have to read more to
understand how best to replicate this information.
The buildings range anywhere from 1/4 mile to 5 miles away from
eachother and I've noticed the problems since day one (2 years ago),
but I never tried to correct it because of the speed of the
connection. These days I'm finding more free time and I'd like to use
it to optimize my environment.
What's the firewall-to-firewall vpn for?
I am not aware of any other issues at this time. I did have a problem
with a DC a while back that stopped replicating. I was surprised that
clients were still being authenticated by this DC and outdated group
policies were applied to their workstations.
Thanks again. Yes, your response has pointed me in the right
direction. I just need to do some reading and some planning.
Thanks again!
NH
"Cary Shultz [A.D. MVP]" <
[email protected]> wrote in message
Ned,
That could be a really good start. I would generically state that you
should set up a Site for each building, create the appropriate Subnet(s) and
then associate each one with the appropriate Site. You could then move a DC
to each Site. Consider making each DC also a Global Catalog Server. Again,
these are very generic suggestions. You would have to manually create the
Site Links and most probably the appropriate Site Link Bridges.
How far away is each building from each other? Is it a logistical problem
to move DCs? This would help control Active Directory replication as well
as user logons. I would also suggest a Firewall-to-Firewall VPN between
each building ( consider using the building with 400 users as the 'hub' and
the other seven locations as 'spokes' ).
However, the WAN connections are very very fast! How long has this been
going? Are there other issues - other than the clients authenticating
against a DC over the WAN connection?
Does this help you get started? I can provide you with a ton of links if
you so desire.
HTH,
Cary