Hi Rick, Thanks for the reply! Unless the KCC is a lot smarter than I think it is, I need to pick a bridgehead server so I don't have numerous conduits in my firewall for all the DCs the new site DC will want to talk to. While I don't need to control the replication frequency, I do have to make sure that traffic is only going between a very limited set of targets. Am I on the right track here or am I not seeing something important? Thanks. Mike Thommes
-----Original Message----- From: Rick Kingslan [mailto:[EMAIL PROTECTED] Sent: Fri 3/5/2004 12:22 AM To: [EMAIL PROTECTED] Cc: Subject: RE: [ActiveDir] recommendation for bridgehead server? My take on it has always been unless the Knowledge Consistency Checker can't figure it out, don't set a Bridgehead - this is going to prevent the KCC from doing some good things for you. Along the lines of creating new links and reassigning the Bridgehead in the event of the preferred failing. Let the KCC do its job - it does it well. Unless, however, it's not. Then, ignore everything I just said and set one. In my case it would be to my busiest child domain - because that's where all of the physical connectivity is. And, when considering all of the sites and services stuff, it is VERY important to remember that you are modelling for AD what your physical (WAN and Router infrastructure) really looks like so that AD can make intelligent decisions about how to route, replicate, etc. Inter-site messaging is really a spanning tree algorithm - and any structure of that nature needs to know what it's running on to be effective. Hope this helps.... Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone WebLog - www.msmvps.com/willhack4food _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: Thursday, March 04, 2004 7:07 AM To: Active Directory Mailing List (E-mail) Subject: [ActiveDir] recommendation for bridgehead server? Hi, Because of firewall issues, I am creating a new site that is well connected to the rest of my AD topology. This new site will contain workstations and a domain controller for an already existing child domain. This child domain DC will also be the bridgehead server in this new site. User accounts are in the root domain. These users use an Exchange server that is located in the child domain and that is located in the main site. The question is what DC in the main site should I pick to be a bridgehead partner? Is it more sensible to choose a root domain DC or a DC in the child domain? Does it matter? As always, TIA. Regards, Mike Thommes List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/