Parent/Child domain design or member servers?

[Mark Smith]

Everyone,

My company is growing. We are located in Pennsylvania and now have
a second office in Virginia. We need one of our domain servers out
there. I want to go parent/child since it's a good security boundary.
People there formatted a previous server before removing it from the
domain and I'm afraid to place a member server where they will have
control. We have less that 100 total users, less than 50 in each
location.
Question 1: If I setup a parent/child domain and migrate the user
accounts down, will that affect child users accessing files on our
shared folders in the parent domain? Exchange runs on the parent
domain. So when a user logs into Outlook Web Access they will have to
login as CHILD\username rather than just username, since their account
is now in the child domain, correct?

Question 2: We are opening a third office shortly. If I create a
second child domain how many issues will arise for communication
between the child domains, if any?

Question 3: Would it be easier to just place a member server in the
second and third locations? Then I can segregate users with OUs. How
best can I secure the server so a local administrator can administer
DNS, DHCP, etc but not create Users or Groups?

Please give me some advice/pitfalls to watch out for since I would
like catch as many possible problems early on before they become big
problems.

Thank you,

Mark Smith

 

[Simon Geary]

You do not need a second or third domain in this scenario. All you need to
do is install a new domain controller for the parent domain in the other
offices and put them in their own OU's. You can then use the delegation of
control wizard to give the on-site admins the restricted level of control
you want them to have over their OU.
A child domain should only be used in your case if you wanted the on-site
admins to have full control over the domain which does not seem to be the
case here.