We are contemplating moving our SBS2k8 server to our datacenter. We would be setting up a VPN-VPN tunnel between everything to handle AD. Has anyone done this before? Any particular issues that anyone can remember? So the flow for AD would now become:

SBS<->VPN---VPN<->Internal office network

ChrisMuench
  • I can't offer any specific advice on this, but you should be aware of the fact that MS recommends at least one DC (GC) at each site. This is because the amount of traffic can be tough on thin connections, because if there is lag then it becomes very annoying to use anything that relies on the DC for authentication (or DNS resolution etc.), and lastly because if the VPN is lost, the site is isolated. If your VPN is fast and stable then I guess this is probably an OK solution; if not I would be very skeptical. – Gomibushi Apr 28 '10 at 17:43
  • Yeah, that is what I was afraid of. We only have a T-1 in the office and it's already slow :( but yet on the other hand we have about 200k worth of hardware in the datacenter but have our email on a crappy Dell :) – ChrisMuench Apr 29 '10 at 17:52

2 Answers

I had something similar.
As recommended above, you should have a DC on every site. Or, at least a local DNS server for internal services.
I had to add a WINS server manually so the users in the domain can authenticate.
Sometimes, in XP, the users could not authenticate and I had to rejoin the computer to the domain.
You may want to make the user profiles local to minimize the traffic over the VPN.
HTH

Paul
  • DNS isn't necessarily that big of an issue when considering something like this. The big hit in performance comes from having your Global Catalogs at a physically separate location. – MDMarra Jan 22 '11 at 22:20

If all your resources are on the SBS (which - since it's SBS, I guess they are) and your connection speed isn't great, moving the server to the datacenter will not improve the situation, only make it worse.

Unless you have a local DC, local file/print with DFS replication etc?

We have a vaguely similar setup for many of our clients, with e-mail/DC/fileservers in the racks and local fileserver onsite. The advantages are then for DR (in case your main site burns) and better performance for remote workers. But - depending on the number of staff onsite - you do need a decent line.

George Hewitt