> Design Questions
> 1) Do you centralize into 1 centralized site and back haul all
> network logon and exchange traffic to 1 site?

I don't think that's a requirement. I like Roger's thinking on this, but I'd be concerned with available bandwidth and not just the amount of potential bandwidth mentioned in your original post. Bandwidth needs will depend on the client type, the usage patterns (concurrency etc), and how you use Active Directory (DFS?, file/print?, GPO settings etc).

> 2) What are the base numbers of DC's / GC's you would need support
> this config (what are the metrics of dc gc
> logons/server/processor)

Two's the bare minimum for any installation IMHO. I think you may need more for the Exchange support, but that's up to you. The rule of thumb recommendation is to have one GC proc per 4 Exchange procs (see Roger's comment). However, it's not that cut and dry. What the rule of thumb recommendation is getting at is to have one to four MHZ on initial deployment indicating performance is a factor and that you're using MAPI clients. Keep in mind that 2002 and above clients will all use GC's for their directory. Exchange uses the directory for lookups, so keeping GC's in the same site is a good idea.

> 3) what is the typical traffic usage used during an xp network logon
> session? (DHCP, DNS, Kerberos TGT, and outlook 2002 mapi logon)

DHCP is minimal and can be configured to stay low impact on your network. DNS can also be minimal depending on usage. Kerberos is a little more, but it's usually not too terribly bad. Outlook 2002 is more than 2003 version unless you use cached mode. Then it's about equal from what I've seen. If you use it in MAPI mode, you get some enhancements in 2003 that make the bandwidth a little less.

The best way to see this is to pilot it and get a feel for how it looks in your environment since no two companies (or sites for that matter) have the same usage pattern. Keep in mind that you can look at your 5.5 implementation to get a general feel for how it would look with centralized 2003. That's because you'd be reinventing 5.5 with separate directory servers (GC's) in the same location. Take a look at your current bandwidth to get an estimate of how Exchange would look in your environment. You can look on Microsoft's site for bandwidth expectations of Active Directory, but I'd be more comfortable with a pilot myself.

Al

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad
Sent: Tuesday, June 08, 2004 9:14 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD Design on a Highspeed Network considerations

> 1) Do you centralize into 1 centralized site and back haul all
> network logon and exchange traffic to 1 site?

I'd suggest different sites - the number of which is really dependent on how your physical topology is laid out. For instance, we've got 7 offices, connected by some fairly fat WAN links (with VPN and demand dial backup), but each physical location is still a separate site.

Generally, I do site design based on physical network design, with site boundaries aligned with the least reliable connections. However, there's no harm (and possibly some good) that can come from creating sites even within well connected, high bandwidth sites. It's a fairly detailed process based on expected traffic patterns and if you're doing things like site linked GPO's.

> 2) What are the base numbers of DC's / GC's you would need support
> this config (what are the metrics of dc gc
> logons/server/processor)

That's a very difficult question to accurately answer. Generally, I use two per "major" site - a site where I want all authentication to be local. Then again, the largest site I've got is 250 users, but my DC's aren't even working hard.

With regards to Exchange, the typical recommendation is to use 1 DC/GC processor per 4 Exchange processors. I'd extend that to be plus an extra box for redundancy purposes.

Roger
--------------------------------------------------------------
Roger D. Seielstad - MTS MCSE MS-MVP
Sr. Systems Administrator
Inovis Inc.

> -----Original Message-----
> From: Murray Wall [mailto:[EMAIL PROTECTED]
> Sent: Monday, June 07, 2004 10:40 PM
> To: [EMAIL PROTECTED]
> Subject: [ActiveDir] AD Design on a Highspeed Network considerations
>
> We are doing an AD site design and I wanted to know some thoughts of
> the group here.
> Assumptions
> 1) Single forest, Single Domain
> 2) Highspeed Network links to sites, 10mb, 100mb and 1GB Available
> for AD/exchange
> 3) Centralized service provider/organization
> 4) Exchange 2003 SP1
> 5) 16000 users in 16 sites with above network speeds
>
> Design Questions
> 1) Do you centralize into 1 centralized site and back haul all
> network logon and exchange traffic to 1 site?
> 2) What are the base numbers of DC's / GC's you would need support
> this config (what are the metrics of dc gc
> logons/server/processor)
> 3) what is the typical traffic usage used during an xp network logon
> session? (DHCP, DNS, Kerberos TGT, and outlook 2002 mapi logon)
>
> Thoughts on pulling this off?
>
> Murray Wall, MCSE, B.Ed CCNA/DA Master ASE Messaging [EMAIL PROTECTED]
> List info : http://www.activedir.org/mail_list.htm
> List FAQ : http://www.activedir.org/list_faq.htm
> List archive:
> http://www.mail-archive.com/activedir%40mail.activedir.org/