Remote Offices Active Directory question

ntrlsur

Currently we are running a 2k AD structure with 2 remote offices that
connect back to the main office via a checkpoint VPN solution running
over a T1.

There are no AD resources at the remote offices except a member server
at each office acting as a file server.

Currently we are having some issues with clients being able to query
DNS here at the main office, as well as us being able to access their
machines by name instead of IP address. I don't want to use WINS
anymore since there are no clients on the network that need it.

I am thinking the best solution would be to make each server at the
remote offices a DC with DNS/GC so that local clients won't have to try
and authenticate over the VPN link and they can have the benefit of
having an AD integrated DNS locally to resolve any addresses they may
need.
 
Danny Sanders

I am thinking the best solution would be to make each server at the
remote offices a DC with DNS/GC so that local clients won't have to try
and authenticate over the VPN link and they can have the benefit of
having an AD integrated DNS locally to resolve any addresses they may
need.

I would agree.

We have 50 or more DCs at sites with DNS/GC and AD integrated DNS, with no
problems like you mention. We have each site DC pointing to a central DNS
server here at corporate and to themselves as alternate for DNS.

hth
DDS W 2k MVP MCSE
 
Paul Bergson

How big are the pipes on the VPN? Are they unreliable? It sounds to me
like you have connectivity problems; there should be no reason you have to
put DCs at remote sites for the problem you describe. How many clients do
you have at the remote sites? The amount of info you have provided doesn't
give a good picture of what is going on in your environment.

--
Paul Bergson MCT, MCSE, MCSA, Security+, CNE, CNA, CCA
http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Tim.Olsen

Currently we are running a 2k AD structure with 2 remote offices that
connect back to the main office via a checkpoint VPN solution running
over a T1.

There are no AD resources at the remote offices except a member server
at each office acting as a file server.

Currently we are having some issues with clients being able to query
DNS here at the main office, as well as us being able to access their
machines by name instead of IP address. I don't want to use WINS
anymore since there are no clients on the network that need it.

I am thinking the best solution would be to make each server at the
remote offices a DC with DNS/GC so that local clients won't have to try
and authenticate over the VPN link and they can have the benefit of
having an AD integrated DNS locally to resolve any addresses they may
need.

That sounds unnecessary, unless, as Paul pointed out, your connection is
unstable.
 
