Making the case for not installing DC's on remote sites (2xT1 links)

M

Marlon Brown

I put DC+GC on 5 remote sites where I have more than 200 computers/branch
office.

I have a total of 15 remaining sites with less than 130 computers/site and I
preferred not to put the DC+GC's there, that way I minimize the management
overhead associated with the administration of additional DC's.

I observe the T1's usage (we have two T1's connected from remote sites to
main office;one T1 is dedicated for data and one for data/voice) and they
are very low; at peak time, in the morning when people logs on between
8:30AM-9:00AM, in most sites the T1 usage barely goes above 15% o(in the
worst case scenario it reaches maximum of 400KB/s). Client logon in the main
office is < 40 seconds, approximately the same time it is taking for people
to logon from branch offices where I have no DC+GC there.

I read documents where MS recommended the installation of DC's on branch
offices with more than 60 computers.

In my case, in some sites I have way much more than 60 machines and I would
like to know if you agree that I can take advantage of T1's and continue
with this design, I mean, let the computers in the branch offices
authenticate to the 4 DC's in the main site.
 
C

Chriss3 [MVP]

Hello Marlon
You may also should thinking about disaster. what happens if the T1 lines
breaks/failure. Note a GC is a DC that is marked for this role. there is no
need for an additional DC.

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services

No email replies please - reply in the newsgroup
 
P

ptwilliams

In cases whereby network traffic has been observed and the effect of logon
traffic (the highest usually) is not overwhelming the link, the only good
reason for a local (to the site) DC/ GC is exactly what Chris said -
redundancy in the event of a comms problem.

However, cached credentials can work OK for simple file sharing operations
(apparently, I've had mixed results). If you're happy with the cross WAN
traffic then that could well be all the justification you need.

Then again, if the budget for the DCs is there...


--

Paul Williams

http://www.msresource.net
http://forums.msresource.net


Hello Marlon
You may also should thinking about disaster. what happens if the T1 lines
breaks/failure. Note a GC is a DC that is marked for this role. there is no
need for an additional DC.

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services

No email replies please - reply in the newsgroup
 
M

Marlon Brown

Thanks.
In our case the T1's are pretty reliable and users are allowed to logon
using cached profiles to keep working locally until eventual T1 disruptions
are fixed.
 
C

Cary Shultz [A.D. MVP]

I will chime in. Looks like this topic is pretty much dead but maybe we
will come up with something that was not considered initially!

Marlon, I would consider having the local DC, especially if you have 'way
more than 60' computers/users in those Sites. I think that the logon
traffic ( that currently going across the WAN ) is only one point to
consider. Granted, it is usually the first and main point. But it is not
the only point.

Where do the 'remote' users store their files? I can speak from experience
that saving and retrieving files - especially larger one - over a T1 can be
a frustrating process. Do all of your users save their documents to a
server in the 'HQ' right now?

HTH,

Cary
 
S

stuartm

In NZ, a site with over 60 users is considered 'large'! I would normally
put a DC on any site with more than 20 users... :)
 
P

ptwilliams

This is a difficult argument, as we all have different opinions of large,
and there's always the bandwidth consideration factors. For me, I don't
consider 60 users large. I'd say that's a pretty small site. We have a
medium-large environment in my eyes, and we support around 2,000
servers -that's not including our internal infrastructure -that's another
25,000 users ;-) and I don't know how may servers -4,000 perhaps.

I've plonked a DC on a site with only 11 users, because the lines were poor
and we could afford it.

I've seen a DC/ Exchange server in a site with four users because two of
them were high up in the company and that's how the old environment was
setup.

Thought, network considerations and budget will rationalise your decision.

--

Paul Williams

http://www.msresource.net
http://forums.msresource.net


In NZ, a site with over 60 users is considered 'large'! I would normally
put a DC on any site with more than 20 users... :)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Do you put DC's on branch offices connected via fiber ? 3
Slow logins via RDP in Branch offices 1
Replicating users between sites 2
Multi-site AD setup 3
Creating Remote sites Properly 3
loggin on AD problem 3
Best process for seting up remote DC? 9
DC's not replicating when in different sites 1

Top