Here is the scenario I am faced with and I am looking for some input.
My environment now is a mix of Novell (Edir) and Windows (AD) migrating to AD.
I have 24 remote locations and 650 users; most use EVPL (10 meg) and some use 1.5 Mbps T1.
I need to deploy 23 branch servers to provide local resources and management tools (IP (DNS name) printing, file shares, antivirus update servers, etc.).
These offices need to have access to local resources if/when WAN connectivity is lost.
Obviously, 23 domain controllers is a bit extreme. I was thinking that this might be a good use of a RODC, which I assume would solve access to local resources that need authentication, but even that seems extreme.
My other thought is a DNS caching server, which can provide access to any DNS resource not requiring authentication, and also a local DHCP server just to manage addresses.
I realize that in the event of a WAN link failure, users already logged in will have access to resources that they have a valid Kerberos ticket for, and that new users will be able to log in with cached credentials. I need users to have access at minimum to IP printing (printers with DNS names). Having access to file shares would be a bonus, but I do not see being able to do that without at least a RODC.
I also thought about extending the TTL on DNS records so that in the event of a WAN link loss, users' local cache can resolve them.
Just looking for some opinions on this.
Thank you!