Best Practices for deploying Windows 2000 in Remote Sites

Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

Hi,

I've a situation whereby the main office houses all the critical Servers for the company which includes Windows 2000 DC's, DNS, Exchange 2000 Server and File and Print Services.

We have opened a new remote site(20 users) which is connected by VPN(via internet) to this main office. The Remote site currently has only desktops (domain mode) and are authenticated by the DC's in the main office via the VPN link ( email access is also done remotely via VPN). There are no administrators in the remote site.

We wish to provide file and print services to this remote site by installing a File & Print Server at that site (to provide better access to resources) but would like to reduce the overhead of installing DC's, DNS, Server maintenance and at the same time would like to provide reasonable performance to these remote users.

What would be the best and most economical way to accomplish this ? Having a dedicated link between the sites is too expensive and business cannot afford.
7 answers Last reply
More about best practices deploying windows 2000 remote sites
  1. Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

    I would personally install DC, DNS, DHCP, WINS and Terminal Services in
    Admin mode on the server in remote location. Since you are adding a server
    anyway, it implies that infrastructure is already in place. And modern
    servers can handle extra load without problems.

    Anyway, I suggest you read deployment guide inWin2k resource kit.

    Planning, testing, documenting, managing, maintaining are necesary steps in
    any project like this. Even if it looks small at the beginning and not worth
    the effort. But you will win in the long run.

    I'd personally write a policy:
    1. Site policy. Any site with more than n-number of employees should have a
    DC etc
    2. Hardware policy. Each server having DC role should have mirrored system
    disk etc.
    3. Antivirus policy
    4. Backup (disaster recovery) policy
    5. User policy
    6. Support routes
    7. Exchange, e-mail policy
    8. Communications policy (x Mbps per n employees) etc

    And so on.

    When you have all on paper (or spreadsheet), everything will fit in nicely
    (hopefully).
    Since you are doing this job professionally, I'd suggest you go for MCSE
    certificate. You may start by looking for a training kit that addresses
    design of Windows network infrastructure.

    Dusko Savatovic

    "silvy" <silvy@discussions.microsoft.com> wrote in message
    news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
    > Hi,
    >
    > I've a situation whereby the main office houses all the critical Servers
    for the company which includes Windows 2000 DC's, DNS, Exchange 2000 Server
    and File and Print Services.
    >
    > We have opened a new remote site(20 users) which is connected by VPN(via
    internet) to this main office. The Remote site currently has only desktops
    (domain mode) and are authenticated by the DC's in the main office via the
    VPN link ( email access is also done remotely via VPN). There are no
    administrators in the remote site.
    >
    > We wish to provide file and print services to this remote site by
    installing a File & Print Server at that site (to provide better access to
    resources) but would like to reduce the overhead of installing DC's, DNS,
    Server maintenance and at the same time would like to provide reasonable
    performance to these remote users.
    >
    > What would be the best and most economical way to accomplish this ? Having
    a dedicated link between the sites is too expensive and business cannot
    afford.
  2. Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

    Hi Dusko,

    Many thanks for your feedback. Definitely installing all the necessary server roles would improve performance at remote site. However I think this approach will involve additional hardware, replication/maintenance issues, thorough planning and costs as you highlighted.

    We have a simpler network with most remote sites/offices on the same subnet/network and one Windows 2000 Domain in the organistation. Our remote sites have firewall(hardware and software), DHCP in place and all connected via VPN. There is not much complex settings in routing as well.

    Currently remote users in this site login remotely via VPN and also access email( Exchange 2000) remotely and performance seems acceptable. They are also using a Fileserver running in workgroup mode.

    My current concerns are

    a) If I install a File/Print Windows 2000 member Server in the remote site ( in domain mode) which will be on the same subnet as the user segment(remote site) and users in the remote site periodically access the File/Print Server, will there be a drop in performance as the DC/DNS/WINS servers are all in the main office. i.e. even though the workstations and file server will be on the same subnet ( and local), does every request from user workstation for access to file/folder on the fileserver have to travel all over the VPN or will it be just once during authentication(login) for that active session ?

    If there is not much network traffic across the VPN with this setup then I think it will solve our short term goals at a reasonable cost. Server Management will be easier if we have to maintain just that server.

    On a long term basis, we'll need to look at all possible options like as you specified.

    What do you think ?

    Silvy


    "Dusko Savatovic" wrote:

    > I would personally install DC, DNS, DHCP, WINS and Terminal Services in
    > Admin mode on the server in remote location. Since you are adding a server
    > anyway, it implies that infrastructure is already in place. And modern
    > servers can handle extra load without problems.
    >
    > Anyway, I suggest you read deployment guide inWin2k resource kit.
    >
    > Planning, testing, documenting, managing, maintaining are necesary steps in
    > any project like this. Even if it looks small at the beginning and not worth
    > the effort. But you will win in the long run.
    >
    > I'd personally write a policy:
    > 1. Site policy. Any site with more than n-number of employees should have a
    > DC etc
    > 2. Hardware policy. Each server having DC role should have mirrored system
    > disk etc.
    > 3. Antivirus policy
    > 4. Backup (disaster recovery) policy
    > 5. User policy
    > 6. Support routes
    > 7. Exchange, e-mail policy
    > 8. Communications policy (x Mbps per n employees) etc
    >
    > And so on.
    >
    > When you have all on paper (or spreadsheet), everything will fit in nicely
    > (hopefully).
    > Since you are doing this job professionally, I'd suggest you go for MCSE
    > certificate. You may start by looking for a training kit that addresses
    > design of Windows network infrastructure.
    >
    > Dusko Savatovic
    >
    > "silvy" <silvy@discussions.microsoft.com> wrote in message
    > news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
    > > Hi,
    > >
    > > I've a situation whereby the main office houses all the critical Servers
    > for the company which includes Windows 2000 DC's, DNS, Exchange 2000 Server
    > and File and Print Services.
    > >
    > > We have opened a new remote site(20 users) which is connected by VPN(via
    > internet) to this main office. The Remote site currently has only desktops
    > (domain mode) and are authenticated by the DC's in the main office via the
    > VPN link ( email access is also done remotely via VPN). There are no
    > administrators in the remote site.
    > >
    > > We wish to provide file and print services to this remote site by
    > installing a File & Print Server at that site (to provide better access to
    > resources) but would like to reduce the overhead of installing DC's, DNS,
    > Server maintenance and at the same time would like to provide reasonable
    > performance to these remote users.
    > >
    > > What would be the best and most economical way to accomplish this ? Having
    > a dedicated link between the sites is too expensive and business cannot
    > afford.
    >
    >
    >
  3. Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

    Hi Silvy,

    I won't push you to go for AD if you're feeling unconfomfortable with it.

    If you decide to use member server only, I would strongly recommend that you
    control access to resources on file server by using A-G-L-P scheme.
    This means that, based on user needs, you create local groups on member
    server and domain global groups on DC. Put user accounts (A) to domain
    global groups (G). Put domain global groups (G) to member server's Local
    group (L). Assign permissions (P) to local groups (L), not directly to
    global groups or individual user (A) (unless, of course, you are controlling
    access to personal files).
    With this scenario you get minimum authorization traffic, because access is
    authorized localy on member server.

    Hint. Note that I'm using word authorization. Authentication traffic will
    still go over the network.

    I would still encourage you to obtain some training literature for Win2k/2k3
    networking and AD and give it some light browsing (no need for hard study),
    just to see some best practices.

    I would also recommend upgrading to WS2k3. AD is better and DNS is
    definitely better.
    BTW, keep an eye on DNS's at all times. This is most important service if
    you use AD. Keep it running smoothly, and your entire network will run
    smoothly.

    Good luck,
    Dusko Savatovic


    "silvy" <silvy@discussions.microsoft.com> wrote in message
    news:3F703772-89E6-47E9-9F6C-03DA2EAA1BDC@microsoft.com...
    > Hi Dusko,
    >
    > Many thanks for your feedback. Definitely installing all the necessary
    server roles would improve performance at remote site. However I think this
    approach will involve additional hardware, replication/maintenance issues,
    thorough planning and costs as you highlighted.
    >
    > We have a simpler network with most remote sites/offices on the same
    subnet/network and one Windows 2000 Domain in the organistation. Our remote
    sites have firewall(hardware and software), DHCP in place and all connected
    via VPN. There is not much complex settings in routing as well.
    >
    > Currently remote users in this site login remotely via VPN and also access
    email( Exchange 2000) remotely and performance seems acceptable. They are
    also using a Fileserver running in workgroup mode.
    >
    > My current concerns are
    >
    > a) If I install a File/Print Windows 2000 member Server in the remote site
    ( in domain mode) which will be on the same subnet as the user
    segment(remote site) and users in the remote site periodically access the
    File/Print Server, will there be a drop in performance as the DC/DNS/WINS
    servers are all in the main office. i.e. even though the workstations and
    file server will be on the same subnet ( and local), does every request from
    user workstation for access to file/folder on the fileserver have to travel
    all over the VPN or will it be just once during authentication(login) for
    that active session ?
    >
    > If there is not much network traffic across the VPN with this setup then I
    think it will solve our short term goals at a reasonable cost. Server
    Management will be easier if we have to maintain just that server.
    >
    > On a long term basis, we'll need to look at all possible options like as
    you specified.
    >
    > What do you think ?
    >
    > Silvy
    >
    >
    >
    >
    > "Dusko Savatovic" wrote:
    >
    > > I would personally install DC, DNS, DHCP, WINS and Terminal Services in
    > > Admin mode on the server in remote location. Since you are adding a
    server
    > > anyway, it implies that infrastructure is already in place. And modern
    > > servers can handle extra load without problems.
    > >
    > > Anyway, I suggest you read deployment guide inWin2k resource kit.
    > >
    > > Planning, testing, documenting, managing, maintaining are necesary steps
    in
    > > any project like this. Even if it looks small at the beginning and not
    worth
    > > the effort. But you will win in the long run.
    > >
    > > I'd personally write a policy:
    > > 1. Site policy. Any site with more than n-number of employees should
    have a
    > > DC etc
    > > 2. Hardware policy. Each server having DC role should have mirrored
    system
    > > disk etc.
    > > 3. Antivirus policy
    > > 4. Backup (disaster recovery) policy
    > > 5. User policy
    > > 6. Support routes
    > > 7. Exchange, e-mail policy
    > > 8. Communications policy (x Mbps per n employees) etc
    > >
    > > And so on.
    > >
    > > When you have all on paper (or spreadsheet), everything will fit in
    nicely
    > > (hopefully).
    > > Since you are doing this job professionally, I'd suggest you go for MCSE
    > > certificate. You may start by looking for a training kit that addresses
    > > design of Windows network infrastructure.
    > >
    > > Dusko Savatovic
    > >
    > > "silvy" <silvy@discussions.microsoft.com> wrote in message
    > > news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
    > > > Hi,
    > > >
    > > > I've a situation whereby the main office houses all the critical
    Servers
    > > for the company which includes Windows 2000 DC's, DNS, Exchange 2000
    Server
    > > and File and Print Services.
    > > >
    > > > We have opened a new remote site(20 users) which is connected by
    VPN(via
    > > internet) to this main office. The Remote site currently has only
    desktops
    > > (domain mode) and are authenticated by the DC's in the main office via
    the
    > > VPN link ( email access is also done remotely via VPN). There are no
    > > administrators in the remote site.
    > > >
    > > > We wish to provide file and print services to this remote site by
    > > installing a File & Print Server at that site (to provide better access
    to
    > > resources) but would like to reduce the overhead of installing DC's,
    DNS,
    > > Server maintenance and at the same time would like to provide reasonable
    > > performance to these remote users.
    > > >
    > > > What would be the best and most economical way to accomplish this ?
    Having
    > > a dedicated link between the sites is too expensive and business cannot
    > > afford.
    > >
    > >
    > >
  4. Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

    Just one thing to add to that. If you place a DC in a remote office, you
    have to be sure of its security. If someone nicks a DC, you have a problem
    and it's time to reset all passwords in the domain, at the very least.

    Oli


    "Dusko Savatovic" <savatovic.removespam@hotmail.com> wrote in message
    news:uHAmjmFVEHA.716@TK2MSFTNGP11.phx.gbl...
    >I would personally install DC, DNS, DHCP, WINS and Terminal Services in
    > Admin mode on the server in remote location. Since you are adding a server
    > anyway, it implies that infrastructure is already in place. And modern
    > servers can handle extra load without problems.
    >
    > Anyway, I suggest you read deployment guide inWin2k resource kit.
    >
    > Planning, testing, documenting, managing, maintaining are necesary steps
    > in
    > any project like this. Even if it looks small at the beginning and not
    > worth
    > the effort. But you will win in the long run.
    >
    > I'd personally write a policy:
    > 1. Site policy. Any site with more than n-number of employees should have
    > a
    > DC etc
    > 2. Hardware policy. Each server having DC role should have mirrored system
    > disk etc.
    > 3. Antivirus policy
    > 4. Backup (disaster recovery) policy
    > 5. User policy
    > 6. Support routes
    > 7. Exchange, e-mail policy
    > 8. Communications policy (x Mbps per n employees) etc
    >
    > And so on.
    >
    > When you have all on paper (or spreadsheet), everything will fit in nicely
    > (hopefully).
    > Since you are doing this job professionally, I'd suggest you go for MCSE
    > certificate. You may start by looking for a training kit that addresses
    > design of Windows network infrastructure.
    >
    > Dusko Savatovic
    >
    > "silvy" <silvy@discussions.microsoft.com> wrote in message
    > news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
    >> Hi,
    >>
    >> I've a situation whereby the main office houses all the critical Servers
    > for the company which includes Windows 2000 DC's, DNS, Exchange 2000
    > Server
    > and File and Print Services.
    >>
    >> We have opened a new remote site(20 users) which is connected by VPN(via
    > internet) to this main office. The Remote site currently has only desktops
    > (domain mode) and are authenticated by the DC's in the main office via the
    > VPN link ( email access is also done remotely via VPN). There are no
    > administrators in the remote site.
    >>
    >> We wish to provide file and print services to this remote site by
    > installing a File & Print Server at that site (to provide better access to
    > resources) but would like to reduce the overhead of installing DC's, DNS,
    > Server maintenance and at the same time would like to provide reasonable
    > performance to these remote users.
    >>
    >> What would be the best and most economical way to accomplish this ?
    >> Having
    > a dedicated link between the sites is too expensive and business cannot
    > afford.
    >
    >
  5. Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

    Agreed. I was sweating reading this thread up until now :)

    Maintaining good physical security of your DCs should be a very high priority.

    -Erik

    "Oli Restorick [MVP]" wrote:

    > Just one thing to add to that. If you place a DC in a remote office, you
    > have to be sure of its security. If someone nicks a DC, you have a problem
    > and it's time to reset all passwords in the domain, at the very least.
    >
    > Oli
    >
    >
    >
    > "Dusko Savatovic" <savatovic.removespam@hotmail.com> wrote in message
    > news:uHAmjmFVEHA.716@TK2MSFTNGP11.phx.gbl...
    > >I would personally install DC, DNS, DHCP, WINS and Terminal Services in
    > > Admin mode on the server in remote location. Since you are adding a server
    > > anyway, it implies that infrastructure is already in place. And modern
    > > servers can handle extra load without problems.
    > >
    > > Anyway, I suggest you read deployment guide inWin2k resource kit.
    > >
    > > Planning, testing, documenting, managing, maintaining are necesary steps
    > > in
    > > any project like this. Even if it looks small at the beginning and not
    > > worth
    > > the effort. But you will win in the long run.
    > >
    > > I'd personally write a policy:
    > > 1. Site policy. Any site with more than n-number of employees should have
    > > a
    > > DC etc
    > > 2. Hardware policy. Each server having DC role should have mirrored system
    > > disk etc.
    > > 3. Antivirus policy
    > > 4. Backup (disaster recovery) policy
    > > 5. User policy
    > > 6. Support routes
    > > 7. Exchange, e-mail policy
    > > 8. Communications policy (x Mbps per n employees) etc
    > >
    > > And so on.
    > >
    > > When you have all on paper (or spreadsheet), everything will fit in nicely
    > > (hopefully).
    > > Since you are doing this job professionally, I'd suggest you go for MCSE
    > > certificate. You may start by looking for a training kit that addresses
    > > design of Windows network infrastructure.
    > >
    > > Dusko Savatovic
    > >
    > > "silvy" <silvy@discussions.microsoft.com> wrote in message
    > > news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
    > >> Hi,
    > >>
    > >> I've a situation whereby the main office houses all the critical Servers
    > > for the company which includes Windows 2000 DC's, DNS, Exchange 2000
    > > Server
    > > and File and Print Services.
    > >>
    > >> We have opened a new remote site(20 users) which is connected by VPN(via
    > > internet) to this main office. The Remote site currently has only desktops
    > > (domain mode) and are authenticated by the DC's in the main office via the
    > > VPN link ( email access is also done remotely via VPN). There are no
    > > administrators in the remote site.
    > >>
    > >> We wish to provide file and print services to this remote site by
    > > installing a File & Print Server at that site (to provide better access to
    > > resources) but would like to reduce the overhead of installing DC's, DNS,
    > > Server maintenance and at the same time would like to provide reasonable
    > > performance to these remote users.
    > >>
    > >> What would be the best and most economical way to accomplish this ?
    > >> Having
    > > a dedicated link between the sites is too expensive and business cannot
    > > afford.
    > >
    > >
    >
    >
    >
  6. Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

    Thanks everyone.

    Security is definitely a problem in small sites like ours. Hence was worried on the network performance if DC"s and other critical servers are housed in main/head office.

    In the meanwhile, I'll review the suggestions/documentations as suggested by Dusko. If you guys are aware of any registry settings changes( knowledgebase/technet articles) on the Win2k workstation/member server which can improve network performance over the VPN ( quick fix if we have performance realted issues) kindly let me know.

    Thank you,

    Silvester

    "Erik Szewczyk" wrote:

    > Agreed. I was sweating reading this thread up until now :)
    >
    > Maintaining good physical security of your DCs should be a very high priority.
    >
    > -Erik
    >
    > "Oli Restorick [MVP]" wrote:
    >
    > > Just one thing to add to that. If you place a DC in a remote office, you
    > > have to be sure of its security. If someone nicks a DC, you have a problem
    > > and it's time to reset all passwords in the domain, at the very least.
    > >
    > > Oli
    > >
    > >
    > >
    > > "Dusko Savatovic" <savatovic.removespam@hotmail.com> wrote in message
    > > news:uHAmjmFVEHA.716@TK2MSFTNGP11.phx.gbl...
    > > >I would personally install DC, DNS, DHCP, WINS and Terminal Services in
    > > > Admin mode on the server in remote location. Since you are adding a server
    > > > anyway, it implies that infrastructure is already in place. And modern
    > > > servers can handle extra load without problems.
    > > >
    > > > Anyway, I suggest you read deployment guide inWin2k resource kit.
    > > >
    > > > Planning, testing, documenting, managing, maintaining are necesary steps
    > > > in
    > > > any project like this. Even if it looks small at the beginning and not
    > > > worth
    > > > the effort. But you will win in the long run.
    > > >
    > > > I'd personally write a policy:
    > > > 1. Site policy. Any site with more than n-number of employees should have
    > > > a
    > > > DC etc
    > > > 2. Hardware policy. Each server having DC role should have mirrored system
    > > > disk etc.
    > > > 3. Antivirus policy
    > > > 4. Backup (disaster recovery) policy
    > > > 5. User policy
    > > > 6. Support routes
    > > > 7. Exchange, e-mail policy
    > > > 8. Communications policy (x Mbps per n employees) etc
    > > >
    > > > And so on.
    > > >
    > > > When you have all on paper (or spreadsheet), everything will fit in nicely
    > > > (hopefully).
    > > > Since you are doing this job professionally, I'd suggest you go for MCSE
    > > > certificate. You may start by looking for a training kit that addresses
    > > > design of Windows network infrastructure.
    > > >
    > > > Dusko Savatovic
    > > >
    > > > "silvy" <silvy@discussions.microsoft.com> wrote in message
    > > > news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
    > > >> Hi,
    > > >>
    > > >> I've a situation whereby the main office houses all the critical Servers
    > > > for the company which includes Windows 2000 DC's, DNS, Exchange 2000
    > > > Server
    > > > and File and Print Services.
    > > >>
    > > >> We have opened a new remote site(20 users) which is connected by VPN(via
    > > > internet) to this main office. The Remote site currently has only desktops
    > > > (domain mode) and are authenticated by the DC's in the main office via the
    > > > VPN link ( email access is also done remotely via VPN). There are no
    > > > administrators in the remote site.
    > > >>
    > > >> We wish to provide file and print services to this remote site by
    > > > installing a File & Print Server at that site (to provide better access to
    > > > resources) but would like to reduce the overhead of installing DC's, DNS,
    > > > Server maintenance and at the same time would like to provide reasonable
    > > > performance to these remote users.
    > > >>
    > > >> What would be the best and most economical way to accomplish this ?
    > > >> Having
    > > > a dedicated link between the sites is too expensive and business cannot
    > > > afford.
    > > >
    > > >
    > >
    > >
    > >
  7. Archived from groups: microsoft.public.win2000.setup_deployment (More info?)

    Yes,
    other guys are right. Physical security is number 1 requirement in all
    scenarios.
    Imagine this.
    Your server has system disk configured as mirror.
    Your server has hot-plug disks to speed up recovery, replacements etc.
    A Black Hat (probably an inside employee) comes to remote office on friday
    afternoon and steals one hard disk (half of a mirror).
    Since remote office is closed during weekend, you don't have anybody to call
    until Monday morning.
    On monday morning, Black Hat returns to work and replaces stolen disk as if
    nothing happens.
    The chances are that within several hours, the mirror will be resynchronized
    and the theft might end up unnoticed.
    In the meantime, Black Hat has taken copy of your system disk which
    conntains complete AD database.
    He/she can run password cracking program like l0phtcrack LC4.

    If you are intersted in security recommendation guides, you can find many on
    this web site:
    http://nsa2.www.conxion.com/win2k/download.htm

    It is also good practice to keep an eye on various security related web
    sites and news groups.

    Dusko Savatovic


    "silvy" <silvy@discussions.microsoft.com> wrote in message
    news:9A0902A1-9A23-4976-9EBB-A72AD4ED6F7C@microsoft.com...
    > Thanks everyone.
    >
    > Security is definitely a problem in small sites like ours. Hence was
    worried on the network performance if DC"s and other critical servers are
    housed in main/head office.
    >
    > In the meanwhile, I'll review the suggestions/documentations as suggested
    by Dusko. If you guys are aware of any registry settings changes(
    knowledgebase/technet articles) on the Win2k workstation/member server which
    can improve network performance over the VPN ( quick fix if we have
    performance realted issues) kindly let me know.
    >
    > Thank you,
    >
    > Silvester
    >
    > "Erik Szewczyk" wrote:
    >
    > > Agreed. I was sweating reading this thread up until now :)
    > >
    > > Maintaining good physical security of your DCs should be a very high
    priority.
    > >
    > > -Erik
    > >
    > > "Oli Restorick [MVP]" wrote:
    > >
    > > > Just one thing to add to that. If you place a DC in a remote office,
    you
    > > > have to be sure of its security. If someone nicks a DC, you have a
    problem
    > > > and it's time to reset all passwords in the domain, at the very least.
    > > >
    > > > Oli
    > > >
    > > >
    > > >
    > > > "Dusko Savatovic" <savatovic.removespam@hotmail.com> wrote in message
    > > > news:uHAmjmFVEHA.716@TK2MSFTNGP11.phx.gbl...
    > > > >I would personally install DC, DNS, DHCP, WINS and Terminal Services
    in
    > > > > Admin mode on the server in remote location. Since you are adding a
    server
    > > > > anyway, it implies that infrastructure is already in place. And
    modern
    > > > > servers can handle extra load without problems.
    > > > >
    > > > > Anyway, I suggest you read deployment guide inWin2k resource kit.
    > > > >
    > > > > Planning, testing, documenting, managing, maintaining are necesary
    steps
    > > > > in
    > > > > any project like this. Even if it looks small at the beginning and
    not
    > > > > worth
    > > > > the effort. But you will win in the long run.
    > > > >
    > > > > I'd personally write a policy:
    > > > > 1. Site policy. Any site with more than n-number of employees should
    have
    > > > > a
    > > > > DC etc
    > > > > 2. Hardware policy. Each server having DC role should have mirrored
    system
    > > > > disk etc.
    > > > > 3. Antivirus policy
    > > > > 4. Backup (disaster recovery) policy
    > > > > 5. User policy
    > > > > 6. Support routes
    > > > > 7. Exchange, e-mail policy
    > > > > 8. Communications policy (x Mbps per n employees) etc
    > > > >
    > > > > And so on.
    > > > >
    > > > > When you have all on paper (or spreadsheet), everything will fit in
    nicely
    > > > > (hopefully).
    > > > > Since you are doing this job professionally, I'd suggest you go for
    MCSE
    > > > > certificate. You may start by looking for a training kit that
    addresses
    > > > > design of Windows network infrastructure.
    > > > >
    > > > > Dusko Savatovic
    > > > >
    > > > > "silvy" <silvy@discussions.microsoft.com> wrote in message
    > > > > news:D6512720-0E0D-42F6-BB98-3DA8ABDB8A63@microsoft.com...
    > > > >> Hi,
    > > > >>
    > > > >> I've a situation whereby the main office houses all the critical
    Servers
    > > > > for the company which includes Windows 2000 DC's, DNS, Exchange 2000
    > > > > Server
    > > > > and File and Print Services.
    > > > >>
    > > > >> We have opened a new remote site(20 users) which is connected by
    VPN(via
    > > > > internet) to this main office. The Remote site currently has only
    desktops
    > > > > (domain mode) and are authenticated by the DC's in the main office
    via the
    > > > > VPN link ( email access is also done remotely via VPN). There are no
    > > > > administrators in the remote site.
    > > > >>
    > > > >> We wish to provide file and print services to this remote site by
    > > > > installing a File & Print Server at that site (to provide better
    access to
    > > > > resources) but would like to reduce the overhead of installing DC's,
    DNS,
    > > > > Server maintenance and at the same time would like to provide
    reasonable
    > > > > performance to these remote users.
    > > > >>
    > > > >> What would be the best and most economical way to accomplish this ?
    > > > >> Having
    > > > > a dedicated link between the sites is too expensive and business
    cannot
    > > > > afford.
    > > > >
    > > > >
    > > >
    > > >
    > > >
Ask a new question

Read More

Windows 2000 Office Windows