Windows: 2 sites, 2 dc's. How setup roles?
I have 2 sites (HO + Branch), both with Win Servers 2003, connected by a tunnel. I want to have a DC in each location to allow for local login/authentication.
Can someone tell me what roles I should assign to the DC's in the remote branches?
I am about to install a Win 2012 DC's in each location in case that matters.
Solution 1:
Typically, if the home office is the largest, that's where all of the FSMO role holders are.
The domain controller(s) at the branches should be both DNS servers and Global Catalogs.
Solution 2:
It essentially doesn't matter where you put the FSMO roles : although it's a good idea to have the PDCe in the office with the most people, since that's the one that handles notifications for password changes, lockouts, etc. With a HQ and a single branch office, you might as well leave all the FSMO roles on the HQ, especially if that's the office with better hardware and better backups.
Edit- as mentioned below, if you only have (and likely only will have) a single domain, you can and should simply make all of your DCs also GC servers - and that's not a role, which is what your question asks for.