Can anyone offer a best practices recommendation for laying out AD 2003
with a headcount layout similar to the following?

US West Coast HQ: 100 - 400 users in a single location (10 MB Internet)
Japan: 10 - 20 users (5 MB Internet)
London: 20 - 30 users (10 MB Internet)

All three sites will be connected via star topology IPSec VPNs.

I am trying to design the sites so that should a link break, apart from
temporarily losing direct connectivity to the main HQ office's Exchange
Server, each site would be able to continue functioning as an
independent unit by having it's own DC in place.

Would it make sense to lay out AD as follows:

HQ.company.com for US
japan.company.com for Japan office
london.company.com for UK office

Or would just keeping the entire company on a single flat
corp.company.com AD layout do just as well?

Hello,

i would put it as a single domain to keep it simple. 10 users doesn't
justify a domain, neither 30.


The real issue is about exchange..Is outlook's cached mode enough ?
Hope so, else it would cost much more money.


--
Cordialement,
Mathieu CHATEAU
http://lordoftheping.blogspot.com


"Robert Gordon" <rgordon@nospam.onetechbeyond.com> wrote in message
news:uYoCG615HHA.5160@TK2MSFTNGP05.phx.gbl...
> Can anyone offer a best practices recommendation for laying out AD 2003
> with a headcount layout similar to the following?
>
> US West Coast HQ: 100 - 400 users in a single location (10 MB Internet)
> Japan: 10 - 20 users (5 MB Internet)
> London: 20 - 30 users (10 MB Internet)
>
> All three sites will be connected via star topology IPSec VPNs.
>
> I am trying to design the sites so that should a link break, apart from
> temporarily losing direct connectivity to the main HQ office's Exchange
> Server, each site would be able to continue functioning as an independent
> unit by having it's own DC in place.
>
> Would it make sense to lay out AD as follows:
>
> HQ.company.com for US
> japan.company.com for Japan office
> london.company.com for UK office
>
> Or would just keeping the entire company on a single flat corp.company.com
> AD layout do just as well?

Yes, plus the fact that a large number of these remote users would have
Windows Mobile devices, so as long as the main HQ Exchange server was
online, they would still have a way to send/receive emails (in
additional to webmail via any local wireless cafe).

Mathieu CHATEAU wrote:
> Hello,
>
> i would put it as a single domain to keep it simple. 10 users doesn't
> justify a domain, neither 30.
>
>
> The real issue is about exchange..Is outlook's cached mode enough ?
> Hope so, else it would cost much more money.
>
>

G'day:

"Robert Gordon" <rgordon@nospam.onetechbeyond.com> wrote in message
news:uYoCG615HHA.5160@TK2MSFTNGP05.phx.gbl...

> US West Coast HQ: 100 - 400 users in a single location (10 MB Internet)
> Japan: 10 - 20 users (5 MB Internet)
> London: 20 - 30 users (10 MB Internet)
>
> All three sites will be connected via star topology IPSec VPNs.

It's not star, it's triangle.

> Would it make sense to lay out AD as follows:
>
> HQ.company.com for US
> japan.company.com for Japan office
> london.company.com for UK office
>
> Or would just keeping the entire company on a single flat corp.company.com
> AD layout do just as well?

Separate domains are for security policy and replication (entire directory
vs GC) partitioning. You don't seem to have a requirement that justifies
extra domains.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

Would it then make sense just to place each remote location under it's
own site within the domain?

S. Pidgorny <MVP> wrote:
> G'day:
>
> "Robert Gordon" <rgordon@nospam.onetechbeyond.com> wrote in message
> news:uYoCG615HHA.5160@TK2MSFTNGP05.phx.gbl...
>
>> US West Coast HQ: 100 - 400 users in a single location (10 MB Internet)
>> Japan: 10 - 20 users (5 MB Internet)
>> London: 20 - 30 users (10 MB Internet)
>>
>> All three sites will be connected via star topology IPSec VPNs.
>
> It's not star, it's triangle.
>
>> Would it make sense to lay out AD as follows:
>>
>> HQ.company.com for US
>> japan.company.com for Japan office
>> london.company.com for UK office
>>
>> Or would just keeping the entire company on a single flat corp.company.com
>> AD layout do just as well?
>
> Separate domains are for security policy and replication (entire directory
> vs GC) partitioning. You don't seem to have a requirement that justifies
> extra domains.
>

yes !

--
Cordialement,
Mathieu CHATEAU
http://lordoftheping.blogspot.com


"Robert Gordon" <rgordon@nospam.onetechbeyond.com> wrote in message
news:eSr886A6HHA.484@TK2MSFTNGP06.phx.gbl...
> Would it then make sense just to place each remote location under it's own
> site within the domain?
>
> S. Pidgorny <MVP> wrote:
>> G'day:
>>
>> "Robert Gordon" <rgordon@nospam.onetechbeyond.com> wrote in message
>> news:uYoCG615HHA.5160@TK2MSFTNGP05.phx.gbl...
>>
>>> US West Coast HQ: 100 - 400 users in a single location (10 MB Internet)
>>> Japan: 10 - 20 users (5 MB Internet)
>>> London: 20 - 30 users (10 MB Internet)
>>>
>>> All three sites will be connected via star topology IPSec VPNs.
>>
>> It's not star, it's triangle.
>>
>>> Would it make sense to lay out AD as follows:
>>>
>>> HQ.company.com for US
>>> japan.company.com for Japan office
>>> london.company.com for UK office
>>>
>>> Or would just keeping the entire company on a single flat
>>> corp.company.com AD layout do just as well?
>>
>> Separate domains are for security policy and replication (entire
>> directory vs GC) partitioning. You don't seem to have a requirement that
>> justifies extra domains.
>>