How often (and for how long) does the T1 typically go down? If often, and for an appreciable amount of time, I'd ask management why they are not considering remediating the outage rather than placing a DC at an unsecured location. You usually get a response about cost associated with stabilizing the T1, and I'd then come back and ask them to consider the "costs" associated with someone/something tampering with that DC.I'll point out that, since this is a single domain/forest, any data corruption or theft that happens to THAT DC is not isolated to THAT DC - it affects the whole infrastructure. So, the 20 users we are trying to please now have an unnecessary ability to bring down our whole enterprise. This usually gets them to begin to reconsider their options.
Considering that mail services is now generally considered a "critical" service, I also ask management if, going by their concerns about service outage, they are intending to place another mail server at that site as well? If they are, then we talk about the "operational costs" associated with that as well. If they are not, then why not? If they say file service is more important, then why not just place a file server in there and let the DCs stay where they are now?
Mixing DC/F&P role is something you should discourage. Again, bring up the issue of "something" (say a virus) infecting a user and then infecting the DC as a result of your giving the user access to WRITE to the DC. This is not always a winner, but you are looking for ammo, and this is one of them.
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
-5.75, -3.23
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
From: Larry Wahlers
Sent: Wed 6/28/2006 8:07 AM
To: [email protected]
Subject: RE: [ActiveDir] Ammunition, please!
Thanks, everyone.
> What is the connection speed between the office 20 miles away and your home office with the DC's now?
T1. IMO, plenty of speed to handle authentication. But, there is concern that if the T1 goes down, these 20 people will be unable to do anything at all on the network.
Larry Wahlers
