Oh don't mind me... I'm SBS... if you are going to spend the bucks on
two domain controllers...why not get duplicates on Exchange/ Front
end/Back end OWA and all that jazz while you are at it. I'm just as
concerned about email these days as I am the domain itself that's all. ;-)
Well.. I'd be implementing a domain even without the
spam/spyware/viruses... I have a domain at home :-)
Edwin wrote:
Hardware specifications were never mentioned. I agree. Beefy hardware is
not needed for WSUS or for a centralized Anti-Virus Server. The hardware
was available and this did not add too much if any administrative overhead.
Ideally, if the option is available, you will want to isolate points of
failure; i.e. I would rather have a WSUS or Anti-Virus server go down
individually rather then have both of them go down because they were on the
same box.
Correct. Workstations were operated by end users without administrative
privileges. It is because of massive amounts of spam, spyware and viruses
that a domain was implemented. I basically took away Administrative rights
from every one except those that needed it (SysAdmins). In those cases,
those individuals had their own workstations that were not on the domain but
the user still had access to MS Exchange. That way if something happened to
their machine it would not affect the entire network.
The files servers' main purpose was not for file sharing. It was for
storage of roaming profiles and storage of personal files on a networked
drive. This was needed so that anyone could sit anywhere and still have
access to their files. SharePoint was available as an option but that was
not a domain controlled server and a separate project.
I don't understand what you mean by having a front/back end Exchange server
because of the number of boxes built for the structure of the domain. Could
you explain how this relates?
Thanks,
Edwin
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA
aka Ebitz - SBS Rocks [MVP]
Sent: Monday, October 24, 2005 8:35 PM
To: [email protected]
Subject: Re: [ActiveDir] Geographic Domain Setup
<me asks stupid question>
You guys really do a separate server for a/v 'and' WSUS? WSUS doesn't
take that much juice, does need IIS and msde..but still... most folks on
the WSUS patch management listserve at least aren't putting it on that
beefy of hardware anyway. Also these days unless you are running without
local admin rights on those workstations...where's your anti spyware
server since you are separating things out like that.
Don't you guys want a front end/back end Exchange if you are going to
start building that many boxes?
TS box?
SQL?
Sharepoint? [plain old file and printer sharing is soooo last year]
And lets see...three locations in Hurricane target zones, one in
Earthquake zones, not quite sure about the risk factors for Atlanta and
Vancouver. That should be fun :-)
<end stupid question>
Ed Crowley [MVP] wrote:
You have asked a "consulting engagement" question, the kind of problem
that deserves the time, attention and probing that only someone
devoting a substantial amount of time working with you can solve.
Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T
------------------------------------------------------------------------
*From:* [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] *On Behalf Of *Edwin
*Sent:* Monday, October 24, 2005 5:38 AM
*To:* [email protected]
*Subject:* [ActiveDir] Geographic Domain Setup
Hello Everyone.
The company that I work for has been divided into two isolated parts.
As a result the corporate domain that is used will also need to be
divided. The employees of the old domain will remain in their place
while others will be put into a new domain. One domain will have
nothing to do with the other. I have been tasked with heading the
creation of a new domain that will be used in different geographic
locations;
1. Atlanta, Georgia
2. Miami, Florida
3. Orlando, Florida
4. Houston, Texas
5. Fremont, California
6. Vancouver, Canada
I have built a domain before but this was for one office of less than
100 employees. This domain is of a much larger scale and more complex.
I have read a few MSFT articles and have a little bit of information
as to what I am getting myself into. I was hoping that I would be able
to get more information from the community in hopes of getting real
life experience knowledge than a document that outlines best practices.
When I built the single site domain I had the below configuration that
worked very well for me. I think that I am going to create a similar
if not exact root domain. I think that I would am having more problems
with considering the geographic issues that I will be facing.
2 Domain Controllers
Both DNS Servers
FSMO roles divided
Both Global Catalogs
1 File Server
Roaming Profiles
Centralized Storage for User Files
1 Anti-Virus Server
1 WSUS Server
1 Exchange Server
Thank you all for your replies,
Edwin
--
Letting your vendors set your risk analysis these days?
http://www.threatcode.com
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
