The company I work for is looking to implement Zenworks 6.5 in a pure
windows environment across 2 different sites. I am currently trying to come
up with a design which will reduce bottlenecks but will not blow the
company budget.

At the main site we are planning on having two servers, one will be an
edir/zenworks desktop management server with password syncing installed
(syncing to our Active Directory domain) and the other server will be a
middle tier. (I understand that there is a limitation whereby you can't
have the middle tier on the same machine which is doing the password synching)

At our secondary site (which connects to the abovementioned site via a
100mb microwave link) I was thinking of having another edirectory server
joined to the tree at the main site and possibly another separate middle
tier server.

Now that I've explained the scenario, my questions are:

1) The two edirectory servers synch accounts between each other because one
is the master and the other is the read/write. (right) assuming this is the
case does this mean that the password synchronisation component (which
enables the synch between Active Directory and edir) only needs to be
installed on one server in the edir tree?

2) Can Zenworks Desktop Management be installed on both servers in the
edirectory tree? Ideally we would like for machines to get their
applications delivered from onsite zen servers rather than pulling apps
between sites.

3) If the answer to the above two questions are right, then can edirectory
(read/write) and Zenworks Server management and the Middle Tier be
installed on the one server at the secondary site considering that password
synchronisation does not need to be installed here also or will this cause
issues with the AD password synching.

Thanks in advance for your help.