Questions

secondary domain controller

+
0 Votes
Locked

secondary domain controller

basheerpt
Hi,
I would like to get an advice on deploying a secondary domain controller in the organization.
At present we have a domain controller with AD integrated DNS serving around 500 users, it is located in HQ. It is win2K3 and having another DC (BDC) to support it as global catalog.

Now the question, I have another location which is connected by p2p currently people are not joined to the HQ domain, but log in through the Citrix. To avoid the hassles of citrix launching and loading, i want to remove citrix and login directly to the domain. Is it good idea to have an additional domain controller in this location to serve only the people here?

What is the best practice in this scenario? can a secondary DNS for this location? I would like to have expert advise who managed these type of situation.

Thanks for your help and best regards
  • +
    0 Votes
    Seonix

    I would advise putting another domain controller in your second location. Have AD integrated DNS across your domain, and make your second server a global catalog. This will make logon times at your remote site almost instant and will reduce the amount of AD related traffic being passed over the network.

    +
    0 Votes
    basheerpt

    Thanks for the input. The issue is, the people from this new location might need to log in from the HO also while they visit the HO with their laptops. In such cases, i dont want to trouble them changing logon to domain while log in.

    I would like to ask, the distributed AD is part of the original AD or its completely separated?

    Other than this, i like your idea of making it GC to have faster logons.

    Thanks again.

    +
    0 Votes
    jstinnett

    +1

  • +
    0 Votes
    Seonix

    I would advise putting another domain controller in your second location. Have AD integrated DNS across your domain, and make your second server a global catalog. This will make logon times at your remote site almost instant and will reduce the amount of AD related traffic being passed over the network.

    +
    0 Votes
    basheerpt

    Thanks for the input. The issue is, the people from this new location might need to log in from the HO also while they visit the HO with their laptops. In such cases, i dont want to trouble them changing logon to domain while log in.

    I would like to ask, the distributed AD is part of the original AD or its completely separated?

    Other than this, i like your idea of making it GC to have faster logons.

    Thanks again.

    +
    0 Votes
    jstinnett

    +1