We are contemplating moving our SBS2k8 server to our datacenter. We would be setting up a VPN-VPN tunnel between everything to handle AD. Has anyone done this before? Any particular issues that anyone can remember? So the flow for AD would now become.
SBS<->VPN---VPN<->Internal office network
I had something similar.
As recommended above, you should have a DC on every site. Or, at least a local DNS server for internal services.
I had to add WINS server manually so the users in the domain can authenticate.
Sometimes, in XP, the users could not authenticate and I had to rejoin the computer to the domain.
You may want to make the user profiles local to minimize the traffic over the VPN.
HTH
If all your resources are on the SBS (which - since it's SBS, I guess they are) and your connection speed isn't great, moving the server to the datacenter will not improve the situation, only make it worse.
Unless you have a local DC, local file/print with DFS replication etc?
We have a vaguely similar setup for many of our clients, with e-mail/DC/fileservers in the racks and local fileserver onsite. The advantages are then for DR (in case your main site burns) and better performance for remote workers. But - depending on the number of staff onsite - you do need a decent line.