Robert,
You shouldn't have any technical problems with the design that you are
proposing. If the country is China or one of the others that has a very
different view of intellectual property than we do, however, I would suggest
that you sequester them into a separate forest and rely on forest trusts
making sure that all documentation and IP is stored off site, preferably in
an encrypted CMS.
Certainly talk to your general counsel and whatever liaison company or
consultants you are using for the security impacts. I understand that this
is a management pain and I am usually an advocate for a single domain or at
least single forest where possible, but if there are any IP concerns, you
must look as a separate forest.
Hope this helps.
--
Ryan Hanisco
MCSE, MCTS: SQL 2005, Project+
http://www.techsterity.com
Chicago, IL
Remember: Marking helpful answers helps everyone find the info they need
quickly.
"Robert Gordon" wrote:
> I have one office (50 people) in North America, under a single AD
> domain. I am also about to open a second office (30 users) across the
> Pacific and the offices will be connected via a LAN-LAN VPN connection.
> These offices will each have plenty of Internet bandwidth on both ends
> (5 MB+) which are both close to my provider's global backbone.
>
> There will definitely be some potential requirements for being able to
> set granular access from each side. I will need to create a DC/DNS/DHCP
> and Exchange environment for the remote office, so there can be business
> continuity should the VPN connection go down. Obviously the remote
> office will be using separate IP subnets from the main North America office.
>
> In this set up, would creating a separate site, under the same AD domain
> be the most logical design?
>
Similar Threads
Linear Mode
