[ActiveDir] Help with topology

[Drew Burchett]

I have a client that I’m having trouble setting up Active Directory topology for.  The layout:   1 Central office with two domain controllers, 1 Global Catalog, T1 connection 5 Branch offices with 1 domain controller and DSL or Cable connections. 1 Branch office with 1 domain controller that is also an Exchange Server, on a T1.   All the offices are connected to the central office through a VPN maintained by a Cisco PIX at each location.  They are not directly connected to each other.  When I originally set this up, I pointed all the machines to the main DNS server at the central office.  However, if the VPN or the T1 went down, they were not able to access the internet and since they use a third-party application host, this is critical for business.  To alleviate this problem, I installed DNS on each of the branch office computers.  This worked fine until Exchange 2003 was introduced into the picture.  Since all of the sites now register and replicate their DNS information, the slowest sites always end up at the top of the list of name servers.  In addition, the KCC is always attempting to create links between the Exchange server and all the other sites besides the central office.  Thus, whenever I have to restart the Exchange server, it takes several hours for it to properly start up.  I assume that this is because it is attempting to retrieve DNS information and AD information from the slowest links rather than the CO, with which it can readily communicate.  What I would like to do is set up a topology so that all the branch offices are replicating ONLY with the CO and the Exchange server will ALWAYS get its information from the CO and nowhere else.  However, first, I don’t know how to accomplish this, and second, I don’t know if this will actually solve the problem or not.  Any thoughts or suggestions on how to make this better?   Drew Burchett United Systems & Software Ph:    (270)527-3293 Fax:  (270)527-3132   -- CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.