Remove From My Forums

Small branch office network - How to join clients to headquarter domain

Question
0

Sign in to vote

Hi at all,

I have one headquarter domain with w2k8 r2 dc, and two remote office each with 5 to 10 clients/printers.

I thought that a local domain controller for each branch office is too expensive, and I would connect the branch office firewall by vpn to the headquarter. Is there any problem I should consider in implementing this solution? Will be able branch office's clients/printers join to the domain without problems?

Thank you

Monday, November 21, 2011 4:24 PM

Answers

0

Sign in to vote
Hi there

This should work fine as long as your connection between offices is fast enough/you don't have too much latency. It is probably a good idea to set one office up in this manner and run some tests before you fully commit to this design. You might wind up finding it worthwhile to deploy a read-only DC (RODC) at the branches if latency over the VPN connection is a problem.

Thanks -
James McIllece
- Proposed as answer by vinit pandey Friday, November 25, 2011 9:25 AM
- Marked as answer by Tiger LiMicrosoft employee Monday, November 28, 2011 2:48 AM
Monday, November 21, 2011 7:09 PM
0

Sign in to vote
Hi LuCapelli,

Thanks for posting here.

Yes, that will be fine if we create a secured, reliable VPN connection between headquarter and branch office with proper routing across internet, here are some articles for reference :

Different VPN tunnel types in Windows - which one to use?

http://blogs.technet.com/b/rrasblog/archive/2009/01/30/different-vpn-tunnel-types-in-windows-which-one-to-use.aspx

Branch Office over the Internet

http://technet.microsoft.com/en-us/library/cc736396(WS.10).aspx

Step-by-Step Guide for Setting Up a PPTP-based Site-to-Site VPN Connection in a Test Lab

http://technet.microsoft.com/en-us/library/cc758271(WS.10).aspx

Meanwhile, for more information and technology regarding with branch office scenario could be acquired form the link below:

Branch Office

http://technet.microsoft.com/en-us/windowsserver/bb530956.aspx

Thanks.

Tiger Li
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
- Marked as answer by Tiger LiMicrosoft employee Monday, November 28, 2011 2:48 AM
Tuesday, November 22, 2011 10:51 AM
0

Sign in to vote
Hi

Of course you can join your branch office to HQ with VPN connection. I have done it at few site and it works provided the wan speed is good. You can consider having local RODC but since the number of system at your BO is very low thats why if you are going for centralized DCs it is good option. I will suggest you that put your VPN solution in place for a while for testing and if you are satisfied with the performance then put it in production.If not satisfied go for RODC.
- Proposed as answer by vinit pandey Friday, November 25, 2011 9:25 AM
- Marked as answer by Tiger LiMicrosoft employee Monday, November 28, 2011 2:48 AM
Friday, November 25, 2011 9:25 AM

All replies

0

Sign in to vote
Hi there

This should work fine as long as your connection between offices is fast enough/you don't have too much latency. It is probably a good idea to set one office up in this manner and run some tests before you fully commit to this design. You might wind up finding it worthwhile to deploy a read-only DC (RODC) at the branches if latency over the VPN connection is a problem.

Thanks -
James McIllece
- Proposed as answer by vinit pandey Friday, November 25, 2011 9:25 AM
- Marked as answer by Tiger LiMicrosoft employee Monday, November 28, 2011 2:48 AM
Monday, November 21, 2011 7:09 PM
0

Sign in to vote
Hi LuCapelli,

Thanks for posting here.

Yes, that will be fine if we create a secured, reliable VPN connection between headquarter and branch office with proper routing across internet, here are some articles for reference :

Different VPN tunnel types in Windows - which one to use?

http://blogs.technet.com/b/rrasblog/archive/2009/01/30/different-vpn-tunnel-types-in-windows-which-one-to-use.aspx

Branch Office over the Internet

http://technet.microsoft.com/en-us/library/cc736396(WS.10).aspx

Step-by-Step Guide for Setting Up a PPTP-based Site-to-Site VPN Connection in a Test Lab

http://technet.microsoft.com/en-us/library/cc758271(WS.10).aspx

Meanwhile, for more information and technology regarding with branch office scenario could be acquired form the link below:

Branch Office

http://technet.microsoft.com/en-us/windowsserver/bb530956.aspx

Thanks.

Tiger Li
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
- Marked as answer by Tiger LiMicrosoft employee Monday, November 28, 2011 2:48 AM
Tuesday, November 22, 2011 10:51 AM
0

Sign in to vote
Hi

Of course you can join your branch office to HQ with VPN connection. I have done it at few site and it works provided the wan speed is good. You can consider having local RODC but since the number of system at your BO is very low thats why if you are going for centralized DCs it is good option. I will suggest you that put your VPN solution in place for a while for testing and if you are satisfied with the performance then put it in production.If not satisfied go for RODC.
- Proposed as answer by vinit pandey Friday, November 25, 2011 9:25 AM
- Marked as answer by Tiger LiMicrosoft employee Monday, November 28, 2011 2:48 AM
Friday, November 25, 2011 9:25 AM

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

Small branch office network - How to join clients to headquarter domain

Question

Answers

All replies