Remote Offices Active Directory question


ntrlsur

Currently we are running a 2k AD structure with 2 remote offices that
connect back to the main office via a checkpoint VPN solution running
over a T1.

There are no AD resources at the remote offices except a member server
at each office acting as a file server.

Currently we are having some issues with clients being able to query
DNS here at the main office, as well as with us being able to access their
machines by name instead of IP address. I don't want to use WINS
anymore since there are no clients on the network that need it.

I am thinking the best solution would be to make each server at the
remote offices a DC with DNS/GC so that local clients won't have to try
and authenticate over the VPN link and they can have the benefit of
having an AD-integrated DNS locally to resolve any addresses they may
need.
 
I am thinking the best solution would be to make each server at the
remote offices a DC with DNS/GC so that local clients won't have to try
and authenticate over the VPN link and they can have the benefit of
having an AD-integrated DNS locally to resolve any addresses they may
need.

I would agree.

We have 50 or more DCs at sites with DNS/GC and AD-integrated DNS, with no
problems like you mention. We have each site DC pointing to a central DNS
server here at corporate and to themselves as alternate for DNS.

hth
DDS W 2k MVP MCSE
 
How big are the pipes on the VPN? Are they unreliable? It sounds to me
like you have connectivity problems; there should be no reason you have to
put DCs at remote sites for the problem you describe. How many clients do
you have at the remote sites? The amount of info you have provided doesn't
give a good picture of what is going on in your environment.

--
Paul Bergson MCT, MCSE, MCSA, Security+, CNE, CNA, CCA
http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Currently we are running a 2k AD structure with 2 remote offices that
connect back to the main office via a checkpoint VPN solution running
over a T1.

There are no AD resources at the remote offices except a member server
at each office acting as a file server.

Currently we are having some issues with clients being able to query
DNS here at the main office, as well as with us being able to access their
machines by name instead of IP address. I don't want to use WINS
anymore since there are no clients on the network that need it.

I am thinking the best solution would be to make each server at the
remote offices a DC with DNS/GC so that local clients won't have to try
and authenticate over the VPN link and they can have the benefit of
having an AD-integrated DNS locally to resolve any addresses they may
need.

That sounds unnecessary, unless, as Paul pointed out, your connection is
unstable.
 