Hello. I am planning an AD design (on my head at least). I have a DataCenter called DataCenter1. I have 3 offices: Office1 (500 users) (200Mb line to DataCenter1) / Office2 (200 users) (80Mb line to DataCenter1) / Office3 (200 users) (80Mb line to DataCenter1) My plan is to have all the Domain Controllers located in the DataCenters as the bandwidth (from my knowledge) is more than enough to cope with this. 1: Would there be any reason at all to consider additional Domain Controllers in the office locations (RODC's). 2: If I only locate Domain Controllers in the DataCenter then can I get away with one AD site (as opposed to a site per physical office).

Thanks for the reply Lain. If those bandwidth figures were increased - lets say doubled, would it then be ok to have DCs only in DataCenter. The reason for this is that the intention would be to have the DataCenter hosting every server in the future with nothing except clients in the offices. Exchange will be used with the plan being again that the DCs in the DataCenter would act as GCs

Ok. but in terms of availability, let's say I had a second data center and used this for HA and DR, would this then be ok? again, my intention would be to eliminate the need for any servers in the offices. understand where you are coming from with the sites. the question is that should the data centers also be treated as sites? thanks again.

just a last thought. in cases where businesses have moved their AD to a hosted cloud they obviosuly wouldn't have domain controllers remaining in their offices?

If they've moved completely to an IaaS model, then you are correct; they won't have anything in their branches. However, this is a business decision made at the executive level, not an IT decision, as the business has to figure out what kind of SLA structure they are happy with. This is a very big leap of faith to make, and I've seen and heard about some incredibly short-sighted moves here in Australia that have spelt disaster (measured in either cost or productivity - which ends up being the same thing) for the business on account of the poor connections we have to Singapore and Hong Kong. Part of that has come from the business not truly understanding the risks involved and the changes to their SLAs (i.e. what they can actually do about it when they're not happy with the service). I wouldn't use the fact that it can be done as the sole reason to do it. There's so much more to it than that. I work in the education sector, and all I can say is I'm glad we haven't moved to the cloud for our staff or core infrastructure services and applications. Some of the stories I've heard - and still hear, about places that have are shocking and clearly show the business wasn't aware of what the repurcussions might have been. Some of them are even pulling services back internally. Cheers, Lain