Question : active directory - how to best connect existing networks & future plans

I've just started work with a company that has 7 sites.  Each site has its own distinct separately administered network.  Most are domains, a couple are workgroups.

We have just installed a reporting server for two of the sites to share (there's a VPN link between them).  The reporting server is part of the domain of the site in which it's located (DomainA - Windows 2003 domain controller).  This allows us to use Windows Authentication to control security for access to the Reporting Server.

We would like to do the same for the remote site (domainB).  So my main question is how best to do this?

There are a few additional considerations.  Currently DomainB is a workgroup. I'm assuming we'll need to make that site into its own domain before trusting the two domains, but is there a quicker / simpler way (or short-term fix while we get around to it)?

Also the site where the reporting server is located is not 'Head Office'.  In time we would want the other sites to connect in too.  We don't want 'DomainA' to be in any way a superior or dominant name, so should I be now installing a root domain server above DomainA (say GroupDomain) and joining both DomainA and DomainB to that?

Finally, we would in time want to connect all other sites in the same way and, possibly, reposition the reporting server on a different site.  So whatever we do now should have that option in mind.

I've limited experience with AD and that only in a single site.  I've started reading up but there are a lot of information sources to get through.  I'm not looking for someone to do the work for me, but would like a 'leg up' to get me started .. some tips for the best direction and a few links to good articles where I can learn more & find a good how-to.

Thanks
Jon


Answer : active directory - how to best connect existing networks & future plans

The hardware performance requirement shouldn't be too great, but the important thing is to keep it protected from failure. This is why having two DCs is recommended - one server melts you've still got the other - this is the best form of backup/protection for AD.

So if you're using old kit and only having one server, ensure you're backing up and you're comfortable with the restore process, especially as this is your forest root.

There are downsides to having a dedicated root - there is the extra admin and hardware costs, so it's really a decision you have to weigh up. But I get the impression that there could be a lot of to-ing and fro-ing between the companies so you could benefit from this setup.

And you're right - ideally you want a DC to be just a DC, but in the real world this isn't always possible. Be careful when promoting a server that already has software running on it as it can break stuff - when you promote a DC it removes all local users and groups and tightens security, something certain apps won't like (SQL, WSUS, Exchange for example). Worth

Setting up your first DC in a new forest : http://technet.microsoft.com/en-us/library/cc781771(WS.10).aspx

Configuring sites in AD (at least a starting point!) : http://technet.microsoft.com/en-us/library/cc781074(WS.10).aspx

Hope this has given you some pointers to get a plan going!

Tony
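
The answer above cautions against promoting a server that already runs software. As an added example (not part of the original thread), this script inventories local users, local group membership, and services that log on with local accounts, so anything depending on them is known before promotion. It assumes Windows PowerShell with Get-WmiObject is available on the server; the output folder name is hypothetical.

```powershell
# Added example, not from the original thread. Run locally as an administrator
# on the member server before promoting it to a domain controller.
# Assumption: Windows PowerShell with Get-WmiObject is available on that server.

$computer = $env:COMPUTERNAME
$outDir   = Join-Path $env:TEMP "pre-dcpromo-$computer"   # hypothetical output folder
New-Item -ItemType Directory -Path $outDir -Force | Out-Null

# 1. Services whose logon identity is a local account (".\name" or "COMPUTER\name").
$services = @(Get-WmiObject -Class Win32_Service |
    Where-Object { $_.StartName -like '.\*' -or $_.StartName -like "$computer\*" } |
    Select-Object Name, DisplayName, StartName, State)

# 2. Local user accounts defined in this machine's SAM.
$users = @(Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True" |
    Select-Object Name, Disabled, Description)

# 3. Local groups and their members, read through the WinNT ADSI provider.
$groups = @(Get-WmiObject -Class Win32_Group -Filter "LocalAccount=True" | ForEach-Object {
    $groupName = $_.Name
    $adsiGroup = [ADSI]"WinNT://$computer/$groupName,group"
    foreach ($member in @($adsiGroup.psbase.Invoke('Members'))) {
        New-Object PSObject -Property @{
            Group  = $groupName
            Member = $member.GetType().InvokeMember('ADsPath', 'GetProperty', $null, $member, $null)
        }
    }
})

# Save each inventory so it can be compared with the server's state after promotion.
$services | Export-Csv (Join-Path $outDir 'services-local-logon.csv') -NoTypeInformation
$users    | Export-Csv (Join-Path $outDir 'local-users.csv')          -NoTypeInformation
$groups   | Export-Csv (Join-Path $outDir 'local-group-members.csv')  -NoTypeInformation

# Services listed here are the first things to re-point at a domain account.
"{0} service(s) run under local accounts:" -f $services.Count
$services | Format-Table -AutoSize
```

Any service in the first list, and any application permission granted to a group in the third, should be reviewed and moved to domain accounts or groups before the server is promoted.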
