Should We Keep Domain Controllers at Small Remote Sites?

By
William Rossbach
-
0
13
Asked By TechSavant92 On

I'm currently managing a set of small remote sites, each with around 10 to 12 users, and each site has its own domain controllers (DCs) running on small Dell servers. We're in a hybrid setup with Entra AD, Intune, and O365. The servers at these sites are nearing the end of their life, and I'm wondering if we really need to maintain these local DCs, especially since each site is connected to our two main locations via site-to-site VPNs. The main locations have DCs that are fully supported with generators and backups. The primary functions of the local servers seem to be handling login requests and DHCP. We could potentially move DHCP to the network switches and rely on cached logins or authentication through the VPN. Printing is already managed by a remote print server at our data center. What are your thoughts on eliminating DCs at these small sites?

5 Answers

Answered By HubbieHub75 On

Our setup is pretty similar. We have three hubs that link to all remote sites, and each hub has a DC to ensure redundancy. However, for tiny sites, perhaps a read-only DC could be enough if authentication is an issue when the VPN goes down.

Answered By NetworkNinja77 On

It honestly sounds unnecessary to have DCs at those small sites. In a previous job, we managed around 50 small sites, and everything worked smoothly with just having DCs at the main locations connected through site-to-site tunnels. Shifting DHCP to the switches or the gateway should suffice, and you'd eliminate redundancy without any issues.

Answered By RoamingTechie On

If the sites don’t have critical apps running that need continuous authentication, you’re fine to not have local DCs for user logins. Most of my clients with small branches opt for centralized DCs without any problems, just ensure your site-to-site connections are stable.

Answered By CloudGuru34 On

I'd stick with just the main DCs for those smaller locations—it feels really redundant to have local DCs for such few users. Plus, it cuts down on maintenance.

Answered By SysAdminMaster On

I manage over 400 sites, and we only maintain DCs at four locations, two of which are major data centers. For smaller sites, a well-structured central setup with site-to-site links works perfectly.

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.