Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Creating New Infrastructure
Creating New Infrastructure [message #420824] Sat, 27 March 2010 08:48 Go to next message
khan  is currently offline khan  Saudi Arabia
Messages: 9
Registered: February 2010
Junior Member
Respected EveryOne

In my office we have a Primary Server (192.168.0.52) as a Active
Directory server.A secondary server for stand by(192.168.0.198).We
have internal Exchange mail server (192.168.0.53).And a ISA 2004
server is for Edge Firewall(192.168.0.199).There are some
application servers and 150 client computer in our office.
Now what is my questions are follows
1.We are going to open three brange offices in different locations
which are each contain atleast 50 clients.If that we need to connect
this diffent offices client computers to our main office Server for
Active directory service and application services and internal
exchange mail use. For that we need to create a secondary domain for
this offices
2.We need to give laptop users to access our Application as well as
active directory from outside of our office promises
So what is the best solution to create this infrastructure
efficiantly .Every possible option is useful for me to crate
it.Advance thanks

Thanks & Regards
P.S.Nawas Khan
Re: Creating New Infrastructure [message #420891 is a reply to message #420824] Sat, 27 March 2010 12:19 Go to previous messageGo to next message
Florian Frommherz  is currently offline Florian Frommherz  Germany
Messages: 86
Registered: February 2010
Member
Howdie!

Am 27.03.2010 15:48, schrieb khan:
> Respected EveryOne
>
> In my office we have a Primary Server (192.168.0.52) as a Active
> Directory server.A secondary server for stand by(192.168.0.198).We
> have internal Exchange mail server (192.168.0.53).And a ISA 2004
> server is for Edge Firewall(192.168.0.199).There are some
> application servers and 150 client computer in our office.
> Now what is my questions are follows
> 1.We are going to open three brange offices in different locations
> which are each contain atleast 50 clients.If that we need to connect
> this diffent offices client computers to our main office Server for
> Active directory service and application services and internal
> exchange mail use. For that we need to create a secondary domain for
> this offices

No, no - you don't create a seperate domain for that. You stay in the
same domain here. You'd need to consider whether you'll place a DC in
the branch office or not in case the WAN link between the branch and the
head office is down -- and think about the consequences and whether you
want a DC there or not.

What you - in any case - need to configure is Active Directory Sites and
Services and configure the site constellation as it is in real life.
That allows AD to tie its replication to a schedule that you create so
that bandwidth utilization of replication doesn't chew up all speed
available. Sites&Services is the way to go. Stay in one domain as long
as possible.

> 2.We need to give laptop users to access our Application as well as
> active directory from outside of our office promises
> So what is the best solution to create this infrastructure
> efficiantly .

Well, that second requirement runs pretty independently in my opinion.
I'd probably try to put a Terminal Server in place and have laptop users
connect to the terminal server and use that app from there. If that
doesn't work for you (maybe the app isn't built that way), think about a
VPN connection from the laptops to the head office.

Cheers,
Florian
Re: Creating New Infrastructure [message #421057 is a reply to message #420891] Sat, 27 March 2010 23:32 Go to previous messageGo to next message
khan  is currently offline khan  Saudi Arabia
Messages: 9
Registered: February 2010
Junior Member
On Mar 27, 9:19 pm, Florian Frommherz
<flor...@LEAVETHISOUT.frickelsoft.net> wrote:
> Howdie!
>
> Am 27.03.2010 15:48, schrieb khan:
>
> > Respected EveryOne
>
> > In my office we have a Primary Server (192.168.0.52) as a Active
> > Directory server.A secondary server for stand by(192.168.0.198).We
> > have internal Exchange mail server (192.168.0.53).And a ISA 2004
> > server  is for  Edge Firewall(192.168.0.199).There are some
> > application servers and 150 client computer in our office.
> > Now what is my questions are follows
> > 1.We are going to open three brange offices in different locations
> > which are each contain atleast 50 clients.If that we need to connect
> > this diffent offices client computers  to our main office Server for
> > Active directory service and application services and internal
> > exchange mail use. For that we need to create a secondary domain for
> > this offices
>
> No, no - you don't create a seperate domain for that. You stay in the
> same domain here. You'd need to consider whether you'll place a DC in
> the branch office or not in case the WAN link between the branch and the
> head office is down -- and think about the consequences and whether you
> want a DC there or not.
>
> What you - in any case - need to configure is Active Directory Sites and
> Services and configure the site constellation as it is in real life.
> That allows AD to tie its replication to a schedule that you create so
> that bandwidth utilization of replication doesn't chew up all speed
> available. Sites&Services is the way to go. Stay in one domain as long
> as possible.
>
> > 2.We need to give laptop users to access our Application as well as
> > active directory from outside of our office promises
> > So what is the best solution to create this infrastructure
> > efficiantly .
>
> Well, that second requirement runs pretty independently in my opinion.
> I'd probably try to put a Terminal Server in place and have laptop users
> connect to the terminal server and use that app from there. If that
> doesn't work for you (maybe the app isn't built that way), think about a
> VPN connection from the laptops to the head office.
>
> Cheers,
> Florian

Hi


Yes,we must place a DC in every branch office.But what i need to know
means how could we do it in a best manner.So that it is working very
effectively.any best articals or way to do it .I mean creating a
chield domain or Sub domain Or connecting it with a VPN or Broad band
line Or leased line with this offices.How to make this secondary
domain.

The second think is how do to it in VPN or Terminal Server for
application users.


Thanks & Regards

Nawas Khan
Re: Creating New Infrastructure [message #421117 is a reply to message #421057] Sun, 28 March 2010 06:23 Go to previous messageGo to next message
Florian Frommherz  is currently offline Florian Frommherz  Germany
Messages: 86
Registered: February 2010
Member
Howdie!

Am 28.03.2010 07:32, schrieb khan:
> Yes,we must place a DC in every branch office.But what i need to know
> means how could we do it in a best manner.So that it is working very
> effectively.any best articals or way to do it .I mean creating a
> chield domain or Sub domain Or connecting it with a VPN or Broad band
> line Or leased line with this offices.How to make this secondary
> domain.

You *must* place a DC in those branch offices? Is that a requirement? AD
and clients can work without a DC in all those branches if you have
Active Directory Sites and Services setup correctly. DC-less sites will
be "covered" by DCs from other sites. You don't necessarily have to put
a DC in every site you have clients in.

Again, I would NOT create another domain for those sites or even for
every site a single domain. Leave that alone. It create more hassle and
a huge management and resource overhead. Evaluate whether or not you
really *need* a DC in all sites and, if so, put a machine into those
sites and promote them to a new DC in the already existing domain.
Exchange, clients and applications love that. Only create a new domain
if regulations and password policies force you to do so.

Cheers,
Florian
Re: Creating New Infrastructure [message #421558 is a reply to message #421057] Mon, 29 March 2010 00:31 Go to previous message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello khan,

I can second Florians suggestion complete. There is no need for a child domain
in your case. Us OUs to separate the offices in AD and this way you can also
use delegate control to have site admins without being domain administrator
to manage the site related tasks. Even if this requires more time to configure
the permissions for them you are able to control the sites setup easier as
with child domains.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> On Mar 27, 9:19 pm, Florian Frommherz
> <flor...@LEAVETHISOUT.frickelsoft.net> wrote:
>> Howdie!
>>
>> Am 27.03.2010 15:48, schrieb khan:
>>
>>> Respected EveryOne
>>>
>>> In my office we have a Primary Server (192.168.0.52) as a Active
>>> Directory server.A secondary server for stand by(192.168.0.198).We
>>> have internal Exchange mail server (192.168.0.53).And a ISA 2004
>>> server is for Edge Firewall(192.168.0.199).There are some
>>> application servers and 150 client computer in our office.
>>> Now what is my questions are follows
>>> 1.We are going to open three brange offices in different locations
>>> which are each contain atleast 50 clients.If that we need to connect
>>> this diffent offices client computers to our main office Server for
>>> Active directory service and application services and internal
>>> exchange mail use. For that we need to create a secondary domain for
>>> this offices
>> No, no - you don't create a seperate domain for that. You stay in the
>> same domain here. You'd need to consider whether you'll place a DC in
>> the branch office or not in case the WAN link between the branch and
>> the head office is down -- and think about the consequences and
>> whether you want a DC there or not.
>>
>> What you - in any case - need to configure is Active Directory Sites
>> and Services and configure the site constellation as it is in real
>> life. That allows AD to tie its replication to a schedule that you
>> create so that bandwidth utilization of replication doesn't chew up
>> all speed available. Sites&Services is the way to go. Stay in one
>> domain as long as possible.
>>
>>> 2.We need to give laptop users to access our Application as well as
>>> active directory from outside of our office promises
>>> So what is the best solution to create this infrastructure
>>> efficiantly .
>> Well, that second requirement runs pretty independently in my
>> opinion. I'd probably try to put a Terminal Server in place and have
>> laptop users connect to the terminal server and use that app from
>> there. If that doesn't work for you (maybe the app isn't built that
>> way), think about a VPN connection from the laptops to the head
>> office.
>>
>> Cheers,
>> Florian
> Hi
>
> Yes,we must place a DC in every branch office.But what i need to know
> means how could we do it in a best manner.So that it is working very
> effectively.any best articals or way to do it .I mean creating a
> chield domain or Sub domain Or connecting it with a VPN or Broad band
> line Or leased line with this offices.How to make this secondary
> domain.
>
> The second think is how do to it in VPN or Terminal Server for
> application users.
>
> Thanks & Regards
>
> Nawas Khan
>
Previous Topic:Users allow inheritable permissions check box
Next Topic:Mapping Network Drive From Windows 7 to a Win2k Server
Goto Forum:
  


Current Time: Tue Jan 16 10:41:43 MST 2018

Total time taken to generate the page: 0.03021 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software