meglio

Okay, I was able to solve the “early redirect” problem with an additional small plugin:

/* Redirect all administration and login to sub-domains  */
function datainserter_wp_redirect($location, $status = 'not interesting')
{
	if (!force_ssl_admin() || is_ssl())
		return $location;

	if (!function_exists('get_original_url'))
		return $location;

	if (strpos($_SERVER['REQUEST_URI'], 'wp-login.php') === false
		&& strpos($_SERVER['REQUEST_URI'], 'wp-admin') === false)
		return $location;

	$originalHost = parse_url(get_original_url( 'siteurl' ), PHP_URL_HOST);
	$locationHost = parse_url($location, PHP_URL_HOST);
	$location = str_ireplace($locationHost, $originalHost, $location);
	return $location;
}

add_filter('wp_redirect', 'datainserter_wp_redirect');

Oh, Ron, and also it does not immediately redirect
sub.network.com/wp-login.php
to
sub-network.com/wp-login.php

It only redirects after the first login attempt.

Whereas in your plugin we can select rules to partition, right?

So it means that dbDelta will work well only in situations when additional plugin tables do not depend on blog id – because it will always run on the main database. Right?

Thanks, Ron.
I have turned off “remote login”.
But all items in the menu at the top of children websites still link to the mapped domain and not sub-domain:
https://img834.imageshack.us/img834/3462/4of.png