Branch office setup

 
 
Johnny Chow
      12th Nov 2004
I am still a newbie. My company wants to set up a branch office using VPN
through a cable modem. The transfer speed is half a megabyte. Should I set it up
as multiple domains or a subdomain for the organization? Will the network kill
me if I install the subdomain controller at the remote branch site? Any pros or
cons will be appreciated.

Thank you in advance,

Johnny Chow


 
Cary Shultz [A.D. MVP]
      12th Nov 2004
Johnny,

This is *usually* WINNT 4.0 thinking!

You might want to look into Active Directory Sites and Services. By using
"Sites" you can have one domain that has multiple physical locations.

Also, you might want to post this to the Active Directory News Group. You
can get a whole lot of information on this over there ( as well as in
here! ).

Essentially what you will have will be 'yourdomain.com' spread out over the
various physical locations. So, in a typical scenario you will have the
'main' office and several 'remote' offices. You will typically want to have
at least one Domain Controller in each of the remote offices ( well,
depending on how many users are going to be there ) and two in the 'main'
office. You will have to consider the location of the Global Catalog
Servers. You would *probably* want at least one Domain Controller in each
Site to be a GC.

You will need to set up the Sites in the Active Directory Sites and Services
MMC. You will notice that you have one already ( the
Default-First-Site-Name ). If you would like you can rename it. You need
to create the Subnets ( i.e., 192.168.1.0 / 24 ) and then associate each
Subnet with the appropriate Site. You will need to create the Site links.

So, how does this work? Well, in Active Directory there are two ways that
things replicate: Intra-Site ( all Domain Controllers in the same Site
replicate with each other ) and Inter-Site ( where one Domain Controller
from each Site is designated as a Bridgehead Server and the BHS from Site1
replicates with the BHS from Site 2 - at this point the Intra-Site
replication happens....).

Are there any reasons why you would want to have child domains? Usually
the reason is that one 'group' wants a really strong password policy and the
'others' do not. Or, there could be political reasons.

HTH,

Cary
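
The Site, Subnet and Site link steps from this post, scripted as an added example that is not part of the original thread. It assumes the ActiveDirectory PowerShell module (which postdates this 2004 thread; the post itself uses the Sites and Services MMC); the site names `Main` and `Branch1`, the 192.168.2.0/24 branch subnet, and the link cost and interval are made-up values.

```powershell
# Added example: assumes the ActiveDirectory module (RSAT) and rights to
# modify the Sites container in the forest's configuration partition.
Import-Module ActiveDirectory

# Hypothetical names and values chosen for illustration only.
$mainSite   = 'Main'
$branchSite = 'Branch1'

# Rename the site every forest starts with, then create the branch site.
Get-ADReplicationSite -Identity 'Default-First-Site-Name' |
    Rename-ADObject -NewName $mainSite
New-ADReplicationSite -Name $branchSite

# Associate each subnet with its site. Clients use their IP subnet to find
# their site and a local DC; a subnet that is not mapped to any site can
# send branch logons across the VPN to a DC in another office.
New-ADReplicationSubnet -Name '192.168.1.0/24' -Site $mainSite
New-ADReplicationSubnet -Name '192.168.2.0/24' -Site $branchSite   # constructed subnet

# Site link over the VPN: cost and interval are assumptions, tune to the link.
New-ADReplicationSiteLink -Name "$mainSite-$branchSite" `
    -SitesIncluded $mainSite, $branchSite `
    -InterSiteTransportProtocol IP `
    -Cost 100 `
    -ReplicationFrequencyInMinutes 60

# Verify: every site should list at least one subnet.
$subnets = Get-ADReplicationSubnet -Filter *
Get-ADReplicationSite -Filter * | ForEach-Object {
    $site   = $_
    $mapped = @($subnets | Where-Object { $_.Site -eq $site.DistinguishedName })
    [pscustomobject]@{
        Site    = $site.Name
        Subnets = ($mapped | ForEach-Object { $_.Name }) -join ', '
        Finding = if ($mapped.Count -eq 0) { 'no subnet mapped' } else { 'ok' }
    }
}
```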



 
NIC Student
      12th Nov 2004
Nice post, Cary. *sigh*, why is it always the political reasons that end up
making the decisions....???

--
Scott Baldridge
Windows Server MVP, MCSE


 
Cary Shultz [A.D. MVP]
      13th Nov 2004
Scott,

Don't know. I guess that it is the job of the CIO ( or IT Director or
whatever the title is named ) to make sure that 'politics' are minimized.
It is simply foolish to think that 'politics' will never be a part of the
decision making process. It always will be. Just the way it is...and
always will be. Granted, it can be managed and minimized ( at least from
what I have seen ) but will always be present.

And it is too bad. Sometimes some really asinine policies are put in place
because some whiny little rat ( oops, that slipped! sorry! ) really wants
this or that...but there are always ways to eventually 'fix' that 'problem'.
Funny how upgrading an operating system often results in that 'fix'. I
guess it is just a matter of picking your battles ( which mostly consists of
knowing which battles to fight and which battles to avoid ).

Have a nice night and an even better tomorrow ( God willing! ).

Cary

 
Johnny Chow
      15th Nov 2004
Thank you Cary,
I am aware that the global catalog holds part of the replicated AD and
authentication. I built two DCs at the main office and followed Microsoft's
recommendation not to set up the infrastructure master and GC on the same server.
One day the GC server crashed on me and then user IDs could not authenticate. Does
this mean I need to have a minimum of two GC servers and one DC server as
schema and infrastructure master on each site to have fault tolerance?

Regards,

Johnny Chow

 
Cary Shultz [A.D. MVP]
      15th Nov 2004
Johnny,

A couple of things:

- It is almost always a good idea to have two of everything! So, yes, it
  would be advantageous to have two Global Catalog Servers,
- the recommendation does not really apply if you have only one domain -OR-
  if you make all of your DCs Global Catalog Servers,
- the Schema Master role is a Forest-wide Role and is held by only one DC in
  the entire Forest - regardless of the number of Sites,
- the Infrastructure Master role is a Domain-wide role and is held by only
  one DC in each Domain, regardless of the number of Sites.

HTH,

Cary
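
A read-only check of the points in this reply, as an added example that is not part of the original thread: it lists the two role holders, counts Global Catalog servers per site, and applies the infrastructure-master exception described above. It assumes the ActiveDirectory PowerShell module and is run against the domain in question; the finding labels are wording chosen here.

```powershell
# Added example: read-only, assumes the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

$forest = Get-ADForest
$domain = Get-ADDomain
$dcs    = @(Get-ADDomainController -Filter *)   # DCs of the current domain

# One Schema Master per forest, one Infrastructure Master per domain,
# regardless of how many sites exist.
[pscustomobject]@{
    SchemaMaster         = $forest.SchemaMaster
    InfrastructureMaster = $domain.InfrastructureMaster
}

# Global Catalog coverage per site: a single GC is a single point of failure
# for logons in that site, which is what the crash in the question showed.
$dcs | Group-Object -Property Site | ForEach-Object {
    $gcs = @($_.Group | Where-Object { $_.IsGlobalCatalog })
    [pscustomobject]@{
        Site    = $_.Name
        DCs     = $_.Count
        GCs     = $gcs.Count
        Finding = if     ($gcs.Count -eq 0) { 'no GC in site' }
                  elseif ($gcs.Count -eq 1) { 'single GC, no fault tolerance' }
                  else                      { 'ok' }
    }
}

# The "keep the Infrastructure Master off a GC" recommendation only matters
# when the forest has more than one domain AND not every DC is a GC.
$multiDomain = @($forest.Domains).Count -gt 1
$allDcsAreGc = @($dcs | Where-Object { -not $_.IsGlobalCatalog }).Count -eq 0
$imHolder    = $dcs | Where-Object { $_.HostName -eq $domain.InfrastructureMaster }

if ($multiDomain -and -not $allDcsAreGc -and $imHolder.IsGlobalCatalog) {
    Write-Warning "Infrastructure Master $($imHolder.HostName) is also a GC in a multi-domain forest."
} else {
    Write-Output 'Infrastructure Master placement: recommendation satisfied or not applicable.'
}
```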
