Network (AD) design question

[Lamar Thomas]

Hey everyone,

It's been a long time since my WinNT 4.0 MCSE days. I need a little
refresher. I have an AD question but first let me lay out my (church)
network. About 75 users with no servers yet at all. We do have a DSL
connection now and will be getting our first Win2003 DC and will be running
AD. We will also be running Exchange and MS SQL (not on one server).

Our network is broken down into three subnets, each protected by a firewall.

(Each firewall will handle DHCP for it's own subnet)
Subnet A = 192.168.1.0/24
Subnet B = 192.168.20.0/24
Subnet C = 192.168.30.0/24

We will have one (1) windows domain (let's call it "church.org"). What I
would like to know is can we just have one (1) DC in subnet A? Will the PCs
in the other subnets be able to join the domain? Will they be able to join
AD? Will they be able to register and resolve in DNS across subnets
(barring any firewall rules that won't allow it)? All other servers
(E-mail, SQL) will also be in subnet A.

I know, it's only one DC but we are a non-profit org. and will have to grow
into more equipment. We just want to know will it work? Thanks for any and
all feedback.


Lamar

 

[Gino]

HI Lamar,
From your description of the network you have, you would have a routing
issue. The clients have to have a way to route from there network ID to the
other two. You say that you have firewalls on each subnet, can these be
configured to route? Or maybe you could go with a hosts file.

 

[Jeff Cochran]

Hey everyone,

It's been a long time since my WinNT 4.0 MCSE days. I need a little
refresher. I have an AD question but first let me lay out my (church)
network. About 75 users with no servers yet at all. We do have a DSL
connection now and will be getting our first Win2003 DC and will be running
AD. We will also be running Exchange and MS SQL (not on one server).

Our network is broken down into three subnets, each protected by a firewall.

(Each firewall will handle DHCP for it's own subnet)
Subnet A = 192.168.1.0/24
Subnet B = 192.168.20.0/24
Subnet C = 192.168.30.0/24

We will have one (1) windows domain (let's call it "church.org"). What I
would like to know is can we just have one (1) DC in subnet A? Will the PCs
in the other subnets be able to join the domain? Will they be able to join
AD? Will they be able to register and resolve in DNS across subnets
(barring any firewall rules that won't allow it)? All other servers
(E-mail, SQL) will also be in subnet A.

This will work providing the firewalls can route correctly (or you
have routers you didn't mention). DHCP should hand out the DC as the
DNS server. My main question would be why the subnets at all? If you
don't have a security issue then subnetting wouldn't normally be
needed, and if you did have a security issue you should be looking at
separate domains and DC's.

Jeff