General discussion



My client has 17 offices, most of then has less than 10 users, and they also have HQ with 50 users.
Their current configuration is to have a site per office with a domain controller on it.
In each office the domain controller is also a file server.
My question is, considering the file role is more important than DC role, is it necesary to have a DC per office when the office are small?
What is the network traffic of authenticating users vs AD repliation traffic? My users only use, outlook, and a MS SQL server based applciation.


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by CG IT In reply to WHEN TO USE A DOMAIN CONT ...

rule of thumb in network design is if there few users and no servers and the WAN link to the authenticating DC is fast or underutilized and reliable you don't need a DC at the site. Rule of thumb on WAN links is 128k + of average available bandwidth including overhead and is a reliable link.

Collapse -

by BFilmFan In reply to WHEN TO USE A DOMAIN CONT ...

Assuming the following:

Windows XP Clients.
Windows 2003 Active Directory.
Existing mailbox, existing profile, no messages in the mail box.
Outlook 2003 Cached Mode.

Your users would generate 35185 Bytes and 142 Frames of traffic in the local network segment. This would be each time they opened the Outlook program to check for mail.

AD replication traffic is much smaller with WIndows 2003 as only updates are sent between global catalog servers. Previously, the entire global catalog would replicate when changes were made. Also, replication has been compacted.

Frankly in your situation, I would look into Citrix as a potential solution for reducing support costs even further.

Collapse -

by haileyan In reply to WHEN TO USE A DOMAIN CONT ...

Take into account disaster recovery. Suppose you loose your WAN connection or the home office DC goes down. How will your users authenticate? How will they get access to the shares on the file server that are using AD to secure those shares.

I consider it essential to have a domain controller at each site so those sites can continue to funtion should disaster strike. It costs you nothing extra to have it there and your server is not going to take any kind of drastic performance hit as long as you have setup your Active Directory Sites in an efficient manner.

Collapse -

by REZUMA In reply to

Poster rated this answer.

Collapse -


This question was closed by the author

Related Discussions

Related Forums