Overclock.net › Forums › Specialty Builds › Servers › Moving domain controller off-site?
New Posts  All Forums:Forum Nav:

Moving domain controller off-site?

post #1 of 7
Thread Starter 
Under the impulse of the new CIO where I work, I've been tasked to move as many physical servers out of our little server closet to our coloc at a major datacenter nearby.

I can move just about everything except the Cisco networking equipment, but one thing remains I'm not sure of: the domain controller.

I'm all for moving it off-site but it was always ingrained into my mind that there should be a domain controller for every network or office you have. Ideally I'd like to have two at our main office for obvious reasons, but I don't know how feasible that's going to be.

Regardless, maybe my understanding that every physical location we have should have its own domain controller is outdated? I guess that's my main question.

Anyway, is it feasible and/or desirable at all to simply not have a DC at our office and move to our coloc? We have redundant 100 Mbps links between our office and the coloc, so the way things are now, if our PDC goes down, we can authenticate to the remote DC, but if we move the PDC out of here and our fancy redundant 100 Mbps link dies, then we can't authenticate to anything...

Then again, since all our production data is also off-site, authenticating to our computers wouldn't do us much good if the links to the coloc died at the same time.

Thoughts from other system admins?
post #2 of 7
This is how my work is becoming. I work in a DC and we're co-locating. WTH?

The idea is that if the DC goes down, if they have a local profile on the PC they can at least still log in and do basic work.
    
CPUMotherboardGraphicsRAM
Intel Overdrive 486DX4 100Mhz Digital Venturis 466 S3 Trio 32 1MB 68MB 72 Pin SIMMs 
Hard DriveOptical DriveOSMonitor
1.2Gb & 270Mb 32X CD-ROM Windows 98 SE LG 23" Flatron 
KeyboardPowerCaseMouse
Microsoft PS/2 Lite-On Digital Venturis 466 Logitech PS/2 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel Overdrive 486DX4 100Mhz Digital Venturis 466 S3 Trio 32 1MB 68MB 72 Pin SIMMs 
Hard DriveOptical DriveOSMonitor
1.2Gb & 270Mb 32X CD-ROM Windows 98 SE LG 23" Flatron 
KeyboardPowerCaseMouse
Microsoft PS/2 Lite-On Digital Venturis 466 Logitech PS/2 
  hide details  
Reply
post #3 of 7
Well we have offices seperated by 100mbit links, but we still have a DC at that satellite office.

How many users do you have that will be hitting the DC?
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
post #4 of 7
Thread Starter 
Quote:
Originally Posted by trueg50 View Post
Well we have offices seperated by 100mbit links, but we still have a DC at that satellite office.

How many users do you have that will be hitting the DC?
About 150 users. Expecting 200+ by the end of the year (yes we're growing fast).
post #5 of 7
I can't forsee any big issues. We have users that are based in Hong Kong and they connect to Domain Controllers here. If you have a reliabled colo and systems; you'll be fine.
    
CPUMotherboardGraphicsRAM
Intel Overdrive 486DX4 100Mhz Digital Venturis 466 S3 Trio 32 1MB 68MB 72 Pin SIMMs 
Hard DriveOptical DriveOSMonitor
1.2Gb & 270Mb 32X CD-ROM Windows 98 SE LG 23" Flatron 
KeyboardPowerCaseMouse
Microsoft PS/2 Lite-On Digital Venturis 466 Logitech PS/2 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel Overdrive 486DX4 100Mhz Digital Venturis 466 S3 Trio 32 1MB 68MB 72 Pin SIMMs 
Hard DriveOptical DriveOSMonitor
1.2Gb & 270Mb 32X CD-ROM Windows 98 SE LG 23" Flatron 
KeyboardPowerCaseMouse
Microsoft PS/2 Lite-On Digital Venturis 466 Logitech PS/2 
  hide details  
Reply
post #6 of 7
Thread Starter 
Good to know, thanks. Finally then, I imagine the fact that the DC would be on a different subnet than the office isn't an issue? Both DCs would be on 10.200.1.0/255.255.255.0 while the office is 192.168.2.0, 192.168.3.0, 192.168.5.0, 192.168.8.0.
post #7 of 7
Quote:
Originally Posted by Shub View Post
Good to know, thanks. Finally then, I imagine the fact that the DC would be on a different subnet than the office isn't an issue? Both DCs would be on 10.200.1.0/255.255.255.0 while the office is 192.168.2.0, 192.168.3.0, 192.168.5.0, 192.168.8.0.
You guys seem to have PAT enabled and are using private address's.

Honestly, I vote the DC just stays in place. That way in the event of the WAN connection being severed you still have internal routing working 100%, and really if you were just a branch office there is a chance the net admin would set up an RODC for the office given the number of employee's.
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Servers
Overclock.net › Forums › Specialty Builds › Servers › Moving domain controller off-site?