The whole point of a site is to have a DC in it isn't it? Therefore you should cleanup the unnecessary sites and associate subnets with sites you want them to be a part of. The DC locator will only do its job correctly if DNS is right. DNS will be correct if you maintain a nice sites and services plan and clean up all other unnecessary records in DNS.
In my opinion "a" is the way to go.
M@
On 30/03/06, James Carter <[EMAIL PROTECTED]> wrote:
Hey guys,Single Windows 2003 Domain.I have 5 core sites and 70 branch offices. Each of the core sites host 2 x dc's and each branch office has a DC.The design is legacy from NT4 whereby we had a BDC at each of the branch offices as they had slow WAN links at the time. During the upgrade, each of the BDC's were made dc's. Each dc is located in it's own AD Site & IP Subnet defined.Our concerns are that some of these remote dc's are located in insecure environments, i.e the are just a server sat in an unlocked closet in a business office environment.We've just completed an WAN upgrade and our links are minimum of 1mb to each of the remote offices.This is good news for us, as we can now demote most of the remote dc's (about 60 of them)My question is regarding the cleanup process. We have 75 AD Sites created with a subnet assigned to each site. Once the demotion process takes place, will I need toa) add the IP subnet to the core site so that the branch office is serviced by the dc's located there and then delete the old AD Site which no longer holds a dc.b) leave the AD site in existance with the IP Subnet assigned and let the DC locator service find a DC for the client to authenticate to? (this means I am left with a load of un-needed Sites in AD..I assume)We also use DFS but moving to DFS-R shortly.Thoughts anyone?Jim__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
