Hi all, I plan to add Some Domain controllers in some new remote branches, So these remote branches are connected to main H.Q. through Fast WAN, So I plan to create new subnet and new Site, for each branch, Each branch office will contain only one Domain controller, My question is, if I create new subnet and new site for each office, and at same time if any branch domain controller is fails, Is it users can still connected to domain controllers at the main H.Q. , if their local Domain controller fails or not? (please noted there will be one DC at each branch office) Because I don’t need to create all remote domain controllers in the same H.Q. AD site, and what about replication, is it better to get all in same AD site, or create difftenr AD sites? Please advise with the best practice ! Tamer Tawfik Almoayyed Computers

Is it users can still connected to domain controllers at the main H.Q. , if their local Domain controller fails or not? (please noted there will be one DC at each branch office) By default, clients in remote sites with failed Domain Controllers will locate Domain Controllers in other sites and authenticate against these Domain Controllers. For more control over this behavior, you can use the information in either: Enabling Client Computers to Locate the Next Closest Domain Controller How to optimize the location of a domain controller or global catalog that resides outside of a client's site Because I don’t need to create all remote domain controllers in the same H.Q. AD site, and what about replication, is it better to get all in same AD site, or create difftenr AD sites? An Active Directory Site is used to locate services closest to end-users. For this purpose, in Active Directory inter-site-replication (replication between Domain Controllers within an Active Directory Site) and intra-site-replication (replication between Domain Controllers in different sites) are different. More information. Because intra-site-replication uses Bridgehead Domain Controllers and traffic, optimized for unreliable connections, this is your replication type of choice. For these reasons, create different Active Directory sites.

This approach accomplishes two things 1) Make sure that you have active directory integrated dns working in your Domain. 2)Configuring clients to use a local DNS server and the server located in Head office ensures that the DNS services will always be available, even if there is a server failure and link both. link. http://technet.microsoft.com/en-us/library/cc749946.aspx http://www.virmansec.com/blogs/skhairuddin