How to correctly set up a multi-site Active Directory

active-directory

In the future my company will have 3 main offices.
This is the first time I've had to manage 'branch offices'.
The main site will manage 30 devices (user + device), the secondary branches at most 10-15 devices per branch.

All branches will be connected through 8-10 Mbit symmetric HDSL lines.

We will have the main office with 1 Windows Server (2008) with Active Directory. The other 2 offices will have their own server.

So my question is: how will Active Directory be managed? Do we have to configure Active Directory at the branch offices too? Or maybe we will simply have to 'replicate' the main Active Directory?

Can you point me to some useful links that explain how to manage a multi-site Active Directory?

Best Answer

You have a couple of options.

  1. You can set up child domains at each remote office and have a forest root at your HQ.

  2. You can have a single AD domain that spans multiple sites with domain controllers at each site, which is configured using the Active Directory Sites and Services snap-in.

#2 is recommended by Microsoft nowadays and you really don't need child domains unless you have an explicit reason to. They are management boundaries, but most management can be delegated easily using the ADUC Delegate Control wizard in modern versions of AD.

I recommend at least 2 DCs at each site for resiliency with either plan, but if push comes to shove, you can get by with 1 at each remote site and at least 2 at the main site.
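
The single-domain, multi-site layout from option 2 can also be scripted instead of clicked through in Sites and Services. The following is an added example, not part of the answer above; it assumes the ActiveDirectory PowerShell module from Windows Server 2012 or later (or RSAT), and the site names, subnets, DC host names, link cost and replication interval are all constructed placeholders.

```powershell
# Added example: names, subnets and DC host names are constructed placeholders.
# Assumes the ActiveDirectory module (Windows Server 2012 or later, or RSAT)
# and that the listed domain controllers have already been promoted.
Import-Module ActiveDirectory

$sites = @(
    @{ Name = 'HQ';      Subnet = '10.0.0.0/24'; DCs = @('HQ-DC1', 'HQ-DC2') },
    @{ Name = 'Branch1'; Subnet = '10.0.1.0/24'; DCs = @('BR1-DC1') },
    @{ Name = 'Branch2'; Subnet = '10.0.2.0/24'; DCs = @('BR2-DC1') }
)

foreach ($s in $sites) {
    # Create the site only if it does not exist yet, so the script can be re-run.
    if (-not (Get-ADReplicationSite -Filter "Name -eq '$($s.Name)'")) {
        New-ADReplicationSite -Name $s.Name
    }
    # Map the office subnet to its site so clients locate a DC in their own office.
    if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$($s.Subnet)'")) {
        New-ADReplicationSubnet -Name $s.Subnet -Site $s.Name
    }
    # Place each DC under the site object for the office it physically sits in.
    foreach ($dc in $s.DCs) {
        Move-ADDirectoryServer -Identity $dc -Site $s.Name
    }
}

# One IP site link per branch back to HQ (hub and spoke over the WAN lines).
# Cost and interval are example values, not recommendations from the answer.
foreach ($branch in 'Branch1', 'Branch2') {
    $link = "HQ-$branch"
    if (-not (Get-ADReplicationSiteLink -Filter "Name -eq '$link'")) {
        New-ADReplicationSiteLink -Name $link -SitesIncluded 'HQ', $branch `
            -Cost 100 -ReplicationFrequencyInMinutes 15 -InterSiteTransportProtocol IP
    }
}

# Check: list the DCs in each populated site and flag sites with fewer than two.
Get-ADDomainController -Filter * | Group-Object Site | ForEach-Object {
    [pscustomobject]@{
        Site      = $_.Name
        DCs       = ($_.Group.Name -join ', ')
        Resilient = ($_.Count -ge 2)
    }
}
```

Sites that contain no domain controller at all do not appear in the final listing, so compare its output against `Get-ADReplicationSite -Filter *`.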