New servers and network changes

[Jelibear]

Hey all, I'm considering 3 Win2K3 server machines for 3 different locations as file servers. Each location is seperate from the other right now, however the plan is to do some major network changes and have each location on its own subnet and have one MAN instead of 3 LANs. The servers will most likely be in place before the network switch, so my question is: what needs to be done to ensure the change will go as smoothly as possible and the servers will be able to communicate with each other in one big, happy MAN when I'm done? This will be the first time I've done anything like this and I just want to be sure I have all my bases covered. Thanks, James Elliott

[silencio]

Do you plan on putting them in the same forest/domain after the network switch? What kind of lines are you going to have connecting them?

Here's an ideal networking situation for management and keeping costs down IMO. For the network itself, one dsl line 768down/512up ~$220/month at each location and one Cisco 1760 at each location. Each dsl line is your internet connection. The business dsl line with come with a router. Place the cisco router behind the dsl router at each location. The cisco router will act as a firewall and you can create vpn tunnels to each of your other locations. There's your network. You have cheap internet access and VPN access to each location. The alternatives are dedicated frame relay or T1 lines. The nice part about dsl is the cost.

The next part is the windows forest/domain model. With 512K upload speeds you have plenty of bandwidth for replication between the three servers so, create a single forest with either a single or three domains. I'd use a single domain unless you plan on adding redundant DCs at each location. The allows you easy management of all three locations and you have added redundancy.

If you do something like this you're going to have to do some migration down the road. All users should be added to the domain so you'll have some profile issues and security/share permissions to deal with after you upgrade to a domain.

It is possible to use the windows server at each location for routing and VPN services but then you create a single point of failure at the server. I like to seperate the IP network and the domain.

In order to ensure a simple upgrade to a domain model in the future, make sure your first DC is a DNS (active directory integrated) server. Make sure the remote servers can see this DC and resolve ldap/dns queries properly. If you have any old netbios based systems (win98/NT) you'll need WINs also. Once you have your DCs setup in your remote locations, windows will create the appropriate replication model. Make sure each server is also a GC (global catalog server).

The benefit of a domain model and giving each location a DC is that network requests/authentication will be kept local. You also have redundancy built in with multiple DCs. Finally, you have network connectivity/authentication if a single server goes down because you've divided the network layer from the domain layer.

Let the questions begin .