
AD Site Topology

Asked By AJ
30-Oct-09 07:29 PM
Hi Folks

I wondered if I could get some input into this situation. We are
looking at doing an AD design. We have pretty much a hub spoke network
architecture with a lot of good links between sites (1GB/100MB).
Previously in other designs I have always separated poorly connected
sites out into their own AD site depending on if a local domain
controller was required or not. If no local services were required
then that site's subnet was simply added to their parent site's AD site.
Given the situation that most sites are connected via 1GB connections
I am leaning towards not creating individual sites but grouping these
locations into a single site. Due to the network speeds here
authenticating with a domain controller in a different physical
location (which could happen) should not be an issue here and also
with links this fast who cares about the replication path the KCC
creates and the replication traffic generated between the domain
controllers? On the other hand it would be cleaner and tidier I guess
to create individual sites for each physical location. I am really
undecided here, I don't think either way is right or wrong but would
value any input anybody cares to add.

Incidentally Exchange 2007 will be in the mix and that uses AD sites for
routing purposes, however the plan is to only have a couple of
clusters in strategic locations and the well connected sites will
simply be accessing the centralised servers over the WAN.

Appreciate any input.

TIA

AJ


Ace Fekay [MCT] replied to AJ
30-Oct-09 01:55 AM
I would consolidate any child domains into one domain (forest root domain),
but I actually prefer to use Sites, even with such a high speed backbone.
This way if any of the links goes down, at least the clients in their
respective locations will still be looking for that cached DC having
problems authenticating to print, or Outlook looking for that cached DSProxy
to a GC outside of its physical location resulting in Outlook problems, as
well as Exchange, because it discovers GCs based on Sites, will holler, shut
services down, etc, if a GC is no longer accessible.

I hope that helps.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA
2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.


AJ replied to Ace Fekay [MCT]
30-Oct-09 07:29 PM
On 30 Oct, 05:55, "Ace Fekay [MCT]" <ace...@mvps.RemoveThisPart.org>

Hi Ace

Thanks for your reply. The high speed connected sites would still have
local infrastructure i.e. DCs/F&P but not Exchange.
Just to make sure I am clear on your response - You mean if the local
client happened to authenticate with infrastructure outside of its
physical location these problems would occur if a link went down, i.e.
the DC/GC would not be available anymore?

Exchange is normally pretty good when a GC/DC goes down or is
unavailable as it will have knowledge of all the GCs in the site as
well as out of the site and should recover, so I don't really see that
as being an issue. The services should only stop if there are no GCs
available and that won't be a problem as there will be quite a few GCs
local to the Exchange Servers and in other physical locations. The
client side is a good point though although I thought MS improved the
ability for Outlook to recover from a lost GC, I seemed to recall
reading something a couple of years back.

TIA
AJ


Paul Bergson [MVP-DS] replied to AJ
30-Oct-09 08:47 AM
I see no reason to create a separate site with that type of connectivity.
If a site has a large number of users or there is some critical app, you
should consider placing a DC at the site.

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup. This
posting is provided "AS IS" with no warranties, and confers no rights.
Ace Fekay [MCT] replied to AJ
31-Oct-09 03:14 AM
Correct.


Actually, if there are multiple GCs, it depends on which GC it has locked on
to. If your whole infrastructure is in one AD Site, you will not know which one
it is until it goes down.
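
The check discussed in this thread, as an added example that is not part of any poster's reply: when every location shares one AD site, comparing site names says nothing about whether a client's GC sits across a WAN link, so this PowerShell sketch compares physical locations by subnet instead. The location names and subnets in `$LocationSubnets` are constructed placeholders, the helper function names are hypothetical, and the ActiveDirectory module is assumed to be installed.

```powershell
# Added example: constructed location-to-subnet map (placeholders, IPv4 only).
Import-Module ActiveDirectory

$LocationSubnets = @{
    'HQ'      = '10.1.0.0/16'
    'BranchA' = '10.2.0.0/16'
    'BranchB' = '10.3.0.0/16'
}

function ConvertTo-IPv4Integer([string]$Address) {
    $bytes = [System.Net.IPAddress]::Parse($Address).GetAddressBytes()
    [Array]::Reverse($bytes)              # network order -> little-endian host order
    [BitConverter]::ToUInt32($bytes, 0)
}

function Resolve-PhysicalLocation([string]$Address) {
    $ip = ConvertTo-IPv4Integer $Address
    foreach ($entry in $LocationSubnets.GetEnumerator()) {
        $network, $prefix = $entry.Value -split '/'
        $blockSize = [math]::Pow(2, 32 - [int]$prefix)
        # Same subnet when both addresses fall in the same 2^(32-prefix) block
        if ([math]::Floor($ip / $blockSize) -eq
            [math]::Floor((ConvertTo-IPv4Integer $network) / $blockSize)) {
            return $entry.Key
        }
    }
    return 'Unknown'
}

# AD site the DC locator has assigned to this computer
$clientSite = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite().Name

# First IPv4 address registered for this host
$clientIp = [System.Net.Dns]::GetHostAddresses($env:COMPUTERNAME) |
    Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
    Select-Object -First 1 -ExpandProperty IPAddressToString

# GC the locator currently returns (may be cached; -ForceDiscover re-runs discovery)
$gc = Get-ADDomainController -Discover -Service GlobalCatalog

$report = [pscustomobject]@{
    ClientSite     = $clientSite
    ClientLocation = Resolve-PhysicalLocation $clientIp
    GC             = "$($gc.HostName)"
    GCSite         = $gc.Site
    GCLocation     = Resolve-PhysicalLocation $gc.IPv4Address
}
$report | Add-Member NoteProperty CrossesWan ($report.ClientLocation -ne $report.GCLocation) -PassThru
```

A result with matching `ClientSite` and `GCSite` but `CrossesWan` set to `True` is the single-site case described above: the client depends on a GC in another building without the site topology showing it.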
AJ replied to Ace Fekay [MCT]
31-Oct-09 06:33 AM
On 31 Oct, 07:14, "Ace Fekay [MCT]" <ace...@mvps.RemoveThisPart.org>
wrote:
Ace Fekay [MCT] replied to AJ
01-Nov-09 08:41 PM

         
AJ replied to Ace Fekay [MCT]
02-Nov-09 11:08 PM
On 2 Nov, 01:41, "Ace Fekay [MCT]" <ace...@mvps.RemoveThisPart.org>
wrote:
Ace Fekay [MCT] replied to AJ
03-Nov-09 12:49 PM

         