Re: splitting up a network

[Scotty Perkins]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Confirmed.

- From MS TechNet:

"A site is separate in concept from Windows 2000-based domains
because a site may span multiple domains, and a domain may span
multiple sites. Sites are not part of your domain namespace. Sites
control replication of your domain information and help to determine
resource proximity. For example, a workstation will select a DC
within its site with which to authenticate."

See
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/pro
dtechnol/windows2000serv/deploy/confeat/adsites.asp for more detailed
information.

scotty

- - Original Message - 
From: "leon" <[EMAIL PROTECTED]>
To: "'Matt Andreko'" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Monday, January 21, 2002 10:13 AM
Subject: RE: splitting up a network


> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> Why cant you have 1 domain and create the two offices as "sites".
> 
> I thought that domain can encompass multiple sites and a site can
> encompass multiple domains.  That was my understanding of how win2k
> domains worked.
> 
> - -Original Message-
> From: Matt Andreko [mailto:[EMAIL PROTECTED]]
> Sent: Monday, January 21, 2002 8:38 AM
> To: [EMAIL PROTECTED]
> Subject: splitting up a network
> 
> Hi there.  I'm currently administering a network which is being
> split in
> half.  Half of it is going to be placed on an OC3 where all our
> servers
> are, and the other half is our office, which is on a T1, going
> through a
> separate class C IP range.
> 
> I'm trying to figure out a good way to setup this NT/2000 network
> with
> active directory over the 2 networks.  I'd prefer to have them all
> in 1
> domain, so I don't have to deal with domain trusts and such.  Is
> there a
> good way to do this, or do I need to setup 2 separate domains, one
> for
> each location, and do trust relationships between the 2?  Netbios
> can be
> used through these 2 separate ip ranges, and is preferred (although
> it
> will be secured and audited regularly).
> 
> Also, is there a good way to firewall the office machines, but
> still have them be part of the domain, but not publicly available
> (only to a
> certain group on the domain?).  I would prefer to put all the
> machines
> behind a linksys or maybe even a cisco router, to keep them
> protected.
> The machines on the OC3 don't need firewall protection really.
> 
> Any help would be appreciated.
> 
> 
> 
> 
> - --
> Matt Andreko
> On-Ramp Indiana
> (317)774-2100
> 
> 
> 
> 
> -BEGIN PGP SIGNATURE-
> Version: PGPfreeware 6.5.8 for non-commercial use
> <http://www.pgp.com>  
> 
> iQA/AwUBPExaW9qAgf0xoaEuEQJfEwCgxn1lGbzJYlTTuuqi2gS8yb3aFb4AoLRW
> tsaYXp0XZNHOpxDUKrdAkpMD
> =Hh4K
> -END PGP SIGNATURE-
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBPE+z/sCRV5J9bej9EQLREwCghVshOONSRUvlvjnG5F0XzlpolBoAn3wh
KKWEBpjU1p5IS4n2MynwQHZ3
=SRbD
-END PGP SIGNATURE-

RE: splitting up a network

[Andrew Jones]

If you are using windows 2k then Active directory will help.

I would say set up 2 domains, Office1 and Office2

Set up a domain forest which will encompass these 2 domains and hey presto,

Just my EUR0.02

Andrew Jones
Helpdesk Advisor
Meggitt Petroleum Systems
Tel +44  (0)2476 697417 Ext. 40
Fax +44 (0)2476 418210
[EMAIL PROTECTED]


> -Original Message-
> From: leon [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, January 21, 2002 6:14 PM
> To:   'Matt Andreko'; [EMAIL PROTECTED]
> Subject:  RE: splitting up a network
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> Why cant you have 1 domain and create the two offices as "sites".
> 
> I thought that domain can encompass multiple sites and a site can
> encompass multiple domains.  That was my understanding of how win2k
> domains worked.
> 
> - -Original Message-
> From: Matt Andreko [mailto:[EMAIL PROTECTED]] 
> Sent: Monday, January 21, 2002 8:38 AM
> To: [EMAIL PROTECTED]
> Subject: splitting up a network
> 
> Hi there.  I'm currently administering a network which is being split
> in
> half.  Half of it is going to be placed on an OC3 where all our
> servers
> are, and the other half is our office, which is on a T1, going
> through a
> separate class C IP range.
>  
> I'm trying to figure out a good way to setup this NT/2000 network
> with
> active directory over the 2 networks.  I'd prefer to have them all in
> 1
> domain, so I don't have to deal with domain trusts and such.  Is
> there a
> good way to do this, or do I need to setup 2 separate domains, one
> for
> each location, and do trust relationships between the 2?  Netbios can
> be
> used through these 2 separate ip ranges, and is preferred (although
> it
> will be secured and audited regularly).
>  
> Also, is there a good way to firewall the office machines, but still
> have them be part of the domain, but not publicly available (only to
> a
> certain group on the domain?).  I would prefer to put all the
> machines
> behind a linksys or maybe even a cisco router, to keep them
> protected.
> The machines on the OC3 don't need firewall protection really.
>  
> Any help would be appreciated.
> 
> 
> 
> 
> - --
> Matt Andreko
> On-Ramp Indiana
> (317)774-2100
> 
> 
> 
> 
> -BEGIN PGP SIGNATURE-
> Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
> 
> iQA/AwUBPExaW9qAgf0xoaEuEQJfEwCgxn1lGbzJYlTTuuqi2gS8yb3aFb4AoLRW
> tsaYXp0XZNHOpxDUKrdAkpMD
> =Hh4K
> -END PGP SIGNATURE-