Yep, they do have that but I think this is better. Here's why.... Almost zero administration overhead if done right. When you do this with NDS, you have to make logical choices of what partitions people go into and when they move around (say short term visit to some site for the summer or the winter - seasonal test sites) or someone who moves from site to site to site on a semi-monthly basis you also have to move around their user object. Sure you can build interfaces and provisioning around this but it is still admin work to be fired by someone when this move occurs and with many large companies, this would probably not even be done due to the extra overhead... The user would just be told to deal with it. This is something we do now instead of moving people between two US domains we have due to the pains associated with the move right now (this will be reeval'ed once in Exchange Native mode).
With a caching device this could be seamless, maybe at most have to say that an ID could be cached (say there are certain ones you don't want cached) and then anywhere in the world your user went, the first time they logged on the info would be brought to that local DC and cached with some sort of TTL. If the user stayed at that site the cached info would stay there and get doublechecked against the main corporate directory servers on a regular basis for updates. If they didn't authenticate for some time... Bam the info gets dropped. ------------- http://www.joeware.net (download joeware) http://www.cafeshops.com/joewarenet (wear joeware) -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Sunday, March 28, 2004 11:32 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] DEC Chatter - Was something else... That would be cool. If I'm not mistaken, I think NDS has allowed a similar capability for years in that you can cleave off parts of a tree and replicate it to those servers that need it most. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Sunday, March 28, 2004 6:26 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] DEC Chatter - Was something else... 1. I don't think so... Not if it were a TRUE caching mechanism... I.E. You don't drag all of the account info for all objects in a single domain to the caching device, you only drag the ones used at that site... This should actually allow you to use a smaller machine especially with the domain consolidation going on... Visualize this... Say I have 2 NA domains, one services some 50k users, the other 75k users. Say your average remote site is maybe 5000 users. Normally you would have one or both of the domains there on DCs so you would have info at that remote site for some 125k users when you only need info for 5k users... So you go to a caching mechanism and have 5000 user's info there with a breakup of say 3000 users from one domain and 2000 users from another domain... I can't say that this is what Stuart was proposing, but wouldn't it be cool? ------------- http://www.joeware.net (download joeware) http://www.cafeshops.com/joewarenet (wear joeware) -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Adner Sent: Saturday, March 27, 2004 10:44 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] DEC Chatter - Was something else... > 1. Caching Domain Controllers - basically a DC that did 2. Multiple > domain hosting from a single DC. In combination, these would definitely be nice for larger environments that have multiple Domain's with cutting down on hardware costs. Although I suppose individual DC's would need to be a bit beefier, at least there'd be a decrease in physical space requirements and some efficiencies gained somewhere. It would also help for DR type scenarios, too. > 3. Ability to stop/start Active Directory on the fly as a normal > service. This has always been a big request of mine as having to reboot into a special mode just to perform certain DS maintenance really annoys me. Also, if DNS is installed with AD integrated zones, the DNS server should go into a caching mode while the DS service is temporarily offline. > 7. Ability to have multiple password/lockout/complexity policies per > domain A popular request, I'm sure. List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
