There's probably no need to put a DC at such a small site. The authentication traffic over the wire is going to be insignificant. Cached credentials should get the local PC logons by any link outages.
For a lot of our remote sites, we supply DHCP from the central office. In some locations, we utilize the WAN router's DHCP server instead. As far as file/print services, what we do depends on the site and its needs. We prefer not to put out any more remote servers than necessary, so the site's needs will have to be well-documented to justify on-site servers. Malcolm -----Original Message----- From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Monday, 07 July, 2008 10:46 To: NT System Admin Issues Subject: RE: Remote Location AD Question What do you guys use for IP assignment? We have 3 remote offices, each with less than 15 users, that I'd love to get to a point of not having a DC there. Do you have member server in place for files, etc? Or do you have everything going over the wire to your central site? Joe Heaton -----Original Message----- From: Steven Peck [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 02, 2008 9:32 AM To: NT System Admin Issues Subject: Re: Remote Location AD Question You definitely want those workstations joined to the domain. GPO for management, Anti-virus updates, patch management, reporting/inventory of the systems, remoting in for troubleshooting etc. Logon traffic for 50 workstations across a t1 is negligible as long as latency is low. On Wed, Jul 2, 2008 at 9:14 AM, David Mazzaccaro <[EMAIL PROTECTED]> wrote: > We don't use RDP, but rather ICA (Citrix) and it works great - all > their apps are available. > As for locking down - we use GPOs rather than locking them down > individually. > > > ________________________________ > From: N Parr [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 02, 2008 9:53 AM > To: NT System Admin Issues > Subject: RE: Remote Location AD Question > > Thanks, I guess I won't worry about it for now. It's just a shipping > warehouse at the moment and I'll be ok as long as they don't decide to > put office staff at the location. > ________________________________ > From: David Mazzaccaro [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 02, 2008 8:37 AM > To: NT System Admin Issues > Subject: RE: Remote Location AD Question > > I have a remote location w/ 30 workstations and IP phones, no remote > DC, connected over a MPLS VPN T1 circuit. > > Works great! Less filling! > > > > > > > > ________________________________ > > From: N Parr [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 02, 2008 9:23 AM > To: NT System Admin Issues > Subject: Remote Location AD Question > > > > How many member workstations would you put at a remote location > connected with a Site to Site VPN over a T-1 without a local DC? Only > other traffic on the line will be an IP phone, random print jobs and > RDP sessions from remote workstations. What I'm thinking is since > these remote workstations will run everything over their RDP sessions > I shouldn't even bother making them domain members. Just lock them down and only allow them access to RDP. > > Thanks > > Niles > > > > > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ This e-mail, including any attached files, may contain confidential and privileged information for the sole use of the intended recipient. Any review, use, distribution, or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive information for the intended recipient), please contact the sender by reply e-mail and delete all copies of this message. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
