I am in the process of upgrading our windows 2000 network to 2003. I have purchased 2 new Domain Controllers that are only going to be used as DCs. I am thinking about getting another server to be only DNS and DHCP. Are there any other roles that I am not thinking about? Please let me know what you guys think would be the best setup.
Thanks,
Scott
-
-
It depends on the size of your network, and how many users you have.
I happily ran a 500+ machine network with 1300+ users from 2 Win2k3 servers for 2 years with no problems. They weren't massively powerful boxes either, Dual Core Athlon MP 2200s with 1Gb RAM and 2x72Gb SCSI HDs each.
After upgrading our servers, replacing the 2 with 5 new boxes, I didn't notice that much of a difference when monitoring the servers to be honest.
Server 2003 can handle a lot, but for a bit of reilience, obviously, more can be better, if the budget allows of course
-
I agree with you on the size. I know that I am going a little over kill, but I want to get things going right. We have approx 500 users. What services do you guys reccoemnd on each box?
DC1 - AD
DC2 - AD
Server1 DHCP, DNS -
W3bbo
Work hard; increase production; prevent accidents, and be happy.
sdanton wrote:I am in the process of upgrading our windows 2000 network to 2003. I have purchased 2 new Domain Controllers that are only going to be used as DCs. I am thinking about getting another server to be only DNS and DHCP. Are there any other roles that I am not thinking about? Please let me know what you guys think would be the best setup.
Thanks,
Scott
Personally, I think it's a good idea to run both DNS and AD on the same box, it's not as though they use a massive amount resources, and you get redundancy there.
You could shove IIS on there and put up some departmental websites, maybe Streaming Media Services so you can broadcast your favourite ch00ns over the LAN (until upper management finds out about it and starts insisting their "Mission Statement" is played down it as an interstital every 5 minutes, then you know it's time to go start looking for another job).
-
blowdart
Peek-a-boo
W3bbo wrote:
You could shove IIS on there
NO. Do not put IIS, SQL or anything that requires it's own account on a domain controller. It's a stupid security risk.
-
W3bbo
Work hard; increase production; prevent accidents, and be happy.
blowdart wrote:
W3bbo wrote:
You could shove IIS on there
NO. Do not put IIS, SQL or anything that requires its own account on a domain controller. It's a stupid security risk.
What if it was a Read-Only Domain Controller?
-
blowdart
Peek-a-boo
W3bbo wrote:
blowdart wrote:
W3bbo wrote:
You could shove IIS on there
NO. Do not put IIS, SQL or anything that requires its own account on a domain controller. It's a stupid security risk.
What if it was a Read-Only Domain Controller?
What has that got to do with it? There are no local accounts on domain controllers, so IIS, SQL, BizTalk, whatever runs under domain accounts; and that's really not a good idea unless you really know what you're doing and how to lock it down.
-
Following a consultation with my former employers favourite consultant, our setup ended up like this:
Server 1
Server 2
Server 3
Server 4
Server 5
Domain Controller
X
X
DNS
X
X
DHCP
X
Global Catalog
X
X
WSUS
X
Operations Manager
X
Schema Master
X
Infrastructure Master
X
File Store
X
Printers
X
Sharepoint
X
SQL Server
X
Exchange
X
ISA
X
RID
X
There were 3 more servers which ran specific services, but these were the main 5.
-
Can someone tell me what RID is?
-
blowdart
Peek-a-boo
sdanton wrote:Can someone tell me what RID is?
Could be a relative identifier server; but I would have thought it would have been on the main DC
Thread Closed
This thread is kinda stale and has been closed but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.