AD site to site replication

R

Ryan

Our company has one main office and several remote
jobsites. The original way we set up job sites was to
place a Domain Controller at each site and then create an
AD site for replication. We are not running DFS. I was
thinking that since we have to setup a VPN connection
from the jobsite to the home office for replication, is
there a valid reason why we need a DC at each jobsite.
Couldn't the remote sites authenticate to the DC's
located in the main office over the VPN tunnel? These are
small sites, usually 5-10 users. Our network is very
simplistic, W2K servers in an AD native environment with
WXP Pro on workstations. Any reasons why this alternative
setup would not be a good idea would be appreciated.
Thanks.
 
B

Brian Desmond [MVP]

This would be a problem if you lose the VPN. In native mode, you need a GC
to logon for universal groups and stuff like that too. If you've already got
the DCs there, why pull them out? Are they costing you money? I'd leave htem
unless there was a business reason not to.

--
--
Brian Desmond
Windows Server MVP
(e-mail address removed)12.il.us

Http://www.briandesmond.com
 
R

Ryan

No I would not be pulling them out. I was just
contemplating not setting up new sites with DCs. I'm
planning for two new startups this summer. I suppose you
are right, if I do lose the VPN connection (due to
Internet loss or whatever), no one can even log into to
their workstations and access local resources (printers,
servers, etc). Not worth the small price it costs to
setup a DC. Thanks for the advice.

Ryan
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads


Top