Thanks for the link. I always thought it was understood that because of group membership caching there would be a delay. Perhaps that wasn't widely understood.
The OP might want to have a look at these to make sure he designs his new DC placements well if he does combine everything into the same forest somehow. http://msmvps.com/blogs/ulfbsimonweidner/archive/2005/03/08/37975.aspx http://support.microsoft.com/kb/223346 From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Thursday, August 06, 2009 2:34 PM To: NT System Admin Issues Subject: RE: domain/forest setup question It has side effects that change behaviors of other features. http://support.microsoft.com/default.aspx/kb/871159 While I can't say for certain, my feeling is that the demographic on this list is unlikely to be in a scenario where they have a WAN that constrains having a locally placed GC. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 Active Directory, 4th Ed - http://www.briandesmond.com/ad4/ <http://www.briandesmond.com/ad4/> Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian <https://mvp.support.microsoft.com/profile/Brian> From: Richard Stovall [mailto:richard.stov...@researchdata.com] Sent: Thursday, August 06, 2009 12:23 PM To: NT System Admin Issues Subject: RE: domain/forest setup question Out of curiosity, why? From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Thursday, August 06, 2009 1:20 PM To: NT System Admin Issues Subject: RE: domain/forest setup question Please don't use UGC. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 Active Directory, 4th Ed - http://www.briandesmond.com/ad4/ <http://www.briandesmond.com/ad4/> Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian <https://mvp.support.microsoft.com/profile/Brian> From: Richard Stovall [mailto:richard.stov...@researchdata.com] Sent: Thursday, August 06, 2009 11:17 AM To: NT System Admin Issues Subject: RE: domain/forest setup question Don't forget to include a GC at both sites or use Universal group caching. From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Thursday, August 06, 2009 12:12 PM To: NT System Admin Issues Subject: Re: domain/forest setup question Personally I would set up sites and just have a single domain. It sounds like seperate forests/domains is just making it harder to manage.a RODC at that site would work well if you are use 2008 for all the DC's. Jon On Thu, Aug 6, 2009 at 12:08 PM, James Kerr <cluster...@gmail.com> wrote: Overall, I'm always looking to make things easier to manage. The new DC is replacing the single DC they have at that location that is going on 5 years old. When it was the originally put there we did not have any VPN connection between the two locations. The main office has about 80 users and the smaller has about 40 but will soon be about 50. The server at the moment really only provides file and print services. WSUS and AV and Exchnage come from the main location. At some point I would like to run a sharepoint for the whole company. ----- Original Message ----- From: "Steven M. Caesare" <scaes...@caesare.com> To: "NT System Admin Issues" <ntsysadmin@lyris.sunbelt-software.com> Sent: Thursday, August 06, 2009 11:27 AM Subject: RE: domain/forest setup question What are you trying to accomplish: 1)overall, and 2) with the new DC? -sc -----Original Message----- From: James Kerr [mailto:cluster...@gmail.com] Sent: Thursday, August 06, 2009 11:19 AM To: NT System Admin Issues Subject: domain/forest setup question I would like to hear some input into an upcoming change I have to make to our network. Currently we have two locations each domain is a separate forest but we have domain trusts. The locations are connected via a VPN and their both on a separate subnet I'm going to be installing a new DC at the smaller location and I'm debating whether I should keep the forests separate or same forest different domains or just make the new DC a member of our existing domain at the main location. It seems to me that adding to the existing domain would be the easiest to manage and probably the best way to go right? Any downsides to the last option? James ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
