Need a bit of advice

  • Thread starter Thread starter Alfred B.
  • Start date Start date
A

Alfred B.

Hi,
I need to re-engineer my active directory structure and
need some help.

My setup is quite simple. I have 4 servers:

2 in city A (Primary/Secondary DC)
1 in city B (DC with its own separate domain)
1 in city C (DC with its own separate domain)

I need to consolidate this under one AD forest.

ADSL 512/128 provides the WAN amongst them.

In city A we have 2 routers, 1 for the private network,
the other for the internet.

The other 2 cities are part of the private network.
So we have a subnet in each location.

My question is this:

Should I set-up the other sites as secondary DCs of the
first root domain in city A?

Or should I create Active Directory child domains in the
other locations as part of the parent domain?

I know how to use the utilities but undecided on the
design to pick.

I will be centrally administering the lot.
City A has 50 users
City B and C have 10 users each.

I also want to deploy exchange server in each site and
should be part of the same internet domain. Ie each user
will have an email address with the same company internet
domain.

If I am to place server resource into subdomain , can I
still have my users to have the email address like
(e-mail address removed) or will they get (e-mail address removed)?

Can someone help?

Thanks

Regards

Alfred
 
From what I can read, I would not create separate child domains and would go
with creating one domain with tree sites (City A,B,C). I would advise
against creating separate domains, as it involves administrative overhead
and you need at least two DC's for each domain to make it fault a little
more tolerant. Create appropriate sites in AD for this to control
replication traffic. You also don't need tree exchange servers, a one would
be sufficient. Consider maybe Exchange 2003 and Outlook 2003 for client, as
it optimizes traffic better than previous versions.

--
Regards

Matjaz Ladava, MCSE (NT4 & 2000), Windows MVP
(e-mail address removed)
http://ladava.com
 
So you are suggesting to have secondary DCs in the other
cities as part of the same domain tree.

The main office is running Windows 2000 server SBS. I
think there would be a problem to have the other cities
running Windows 2000 server standard as secondary DCs.

I would have to upgrade the main office windows 2k sbs to
standard version to achieve this. Would I?


Secondly once I set this up, I could use OUs from an
administrative point of view to groups the users,
resources on a per city/state basis.

I read different advices on naming the AD domain name.
Some tell you to use domain.com (same as your external
name space), some tell you to use xxx.domain.com for the
root domain. What is the correct way?

Thanks

Regards

Alfred
 
If you have SBS in main office, then you can not create child domains, as
SBS is limited to allow no trusts. In SBS you can certainly have multiple
DC's and multiple sites. You can stick with SBS for now, because as I said
SBS will allow you multiple sites and DC's in those sites. I would use
domain.local for AD name, as SBS had some problems when setting up as
domain.com (or another registered domain name), because all of the services
running on one system.
If you have a chance I would suggest you to test SBS 2003 RC, as it is a big
improvement over SBS 2000 and it allows you to have 75 clients max (instead
of 50 in 2000 version).

--
Regards

Matjaz Ladava, MCSE (NT4 & 2000), Windows MVP
(e-mail address removed)
http://ladava.com
 
Dear Matjaz,
and thanks for your great advice.

I did try secondary dcs in the past with my main office
w2k sbs, it (the primary DC databases) all replicated
except that in the secondary DCs the SYSVOL was not
created (why?)

Also I was not able to login the secondary DC which was
local to the city I was in. I had created sites and
subnets and also site links.

My workstations kept coming up with "cannot find domain
controller" and they were using DHCP from the server and
was passing default gateway and DNS servers.

DNS was setup on the interstate city to use its own IP
and use a forwarder to point to the main office city DNS
server. It was active directory integrated and was able
to ping host discovered or created. I read something
about srv records in dns but do not fully understand. My
background is mainly Novell and remember in the Netware
days you could specify a preferred server, how is it done
in MSW2K Srv?

Thanks

Best Regards

Alfred
 
More info on why your DC is not sharing your sysvol is written in EventLog.
you could also run dcdiag and netdiag to get more info. First check, that
your DNS is working properly and all DC's are using the same DNS server and
not your ISP or Router.
Error message "Can not find domain controller" probably points to DNS
problems as DNS is used to locate DC's in AD (Win2000/XP/2003).
If you have one domain with multiple sites, then make all DC's a DNS server
(from your post I see that you have 2 in A, 1 in B and 1 in C), and make
them AD integrated, so that you don't need to worry about replication. Make
your clients use their local DNS servers as they will contain all
appropriate DNS records. Setup forwarders on DNS servers to your ISP's DNS
servers.
--
Regards

Matjaz Ladava, MCSE (NT4 & 2000), Windows MVP
(e-mail address removed)
http://ladava.com
 
Back
Top