Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 482
  • Last Modified:

Terminal Services on Domain Controller

I have a windows 2000 domain controller that is also running an Mdaemon Email server with Groupware and Norton AV.  I need too run Quickbooks Enterprise under terminal services.  The server is handling 12 users right now.  I am contemplating installing TS in App mode on this DC.

I understand the security implications of running all this stuff together and don't really want too hear anyone reccommend I not attempt this because it is bad form.  I know it is.  

I want too know if anyone has installed TS in app mode on their domain controller running similar services and I want too know if they ran into any difficulty.  Did any programs on the machine start behaving badly?

If I attempt this and it fails miserably, what is the best backup strategy too attempt recovery of my DC?  Will recovering from a ERD if the registry is previously dumped save me.  What about the system state?
0
donnatronious
Asked:
donnatronious
  • 5
  • 3
  • 3
2 Solutions
 
infotraderCommented:
We have had a similar setup in the past.  Where due to the "budget concerns" we were forced to run TS in app mode on our box that was also the ISA firewall/Exchange/RRAS server (I forgot if it were a DC or not... could be).

I can tell you that it didn't take long before we changed our mind.  We were running some SQL testing apps, and because the computer was already under heavy load, such as yours, whenever a decent script was running, nobody else could do anything because the CPU usage would shoot up to 100%.

Another problem with running an app on TS is that users often forget to "logout" instead of closing windows with the "x".  When this happens, it not only takes up unncecssary resources away from computer, it could also cause difficulties on your quickbook files because certain files might be "open".

Finally, it depends on how messed up your DC is.  If it is just moderately messed up, and it is your ONLY DC, then you'd need to pray that a simple recovery procedure such as "Safe Mode" or "Recovery Console" or "Last Known Good Configuration" could save you.  If it is worse, which it often is, then you'd need to have a good backup of the files AND system state, and work from there.  (You'd need to install windows and the backup software 1st, so you can use it).  If you have multiple DC's, then you might need to perform what's called a "Authoratative  Restore" when neccessary.

Either way, I don't have to tell you since you already know it is a bad idea.  All these trouble we're talking about, and we haven't even discuss the possibility of reinstall the software such as your Email server , Groupware, and Norton AV yet.

- Info
0
 
donnatroniousAuthor Commented:
I only want to run one app.  Quickbooks Enterprise Edition.  If I was only serving this app, would you consider it?  My server is plenty fast, 6 10K disks raid 5, 1.4Ghz and I could add second processor, and 1GB ram.  Would you consider it then or am I just kidding myself?
0
 
donnatroniousAuthor Commented:
Server never currently sees proc usage over 30%
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
infotraderCommented:
The problem is not so much the app but the consequences of allowing users to access your DC.

As I understand it, Quickbooks is a financial app.  There really shouldn't be a whole lot of horsepower requirement.  However, (I think someone will shoot me for saying this stereotype), in my experience, the finance department isn't the sharpest in computer safety practices.  I also understand that you have Norton AV installed, but that's not going to stop user mishaps nor is it 100% effective.

It is easier to install a Win2K box (or even a XP-Pro and turn on Remote Desktop) that is sub-par on performance then to actually allow users to log onto the DC....  

Let's also put it this way, it is a lot easier to rebuild a machine that does nothing but RDC and Quickbooks, then reinstall EVERYTHING on that DC you just mentioned.  I'd even make a image of the hard disk once installation completed, so it'd take me a few minutes to restore it if and when users screw up.

- Info
0
 
NzarthCommented:
I have a TS running under app mode on a DC (yeah its bad form but I had to).  Anyway, it is running fine for me so far :)

About people not disconnecting correct, you can set RDP to disconnect for them after a period of time that you set.

I agree with the above in that it is much easier to rebuild a non DC than a DC, but if you are forced to then you have no option.

If you can back up everything, including the system state and then you should be good to go.  Maybe another way is to use ghost (only if you are happy that the server is running fine and that you have the storage for the image).
0
 
donnatroniousAuthor Commented:
Nzarth - How long has it been running?  How many users is it servicing?  Is the machine running Email?

I have read that Ghost isn't "supposed" to work on Windows Server OS?  Is this correct?

Have either of you used Ghost on a raid 5 array successfully?
0
 
infotraderCommented:
Depending on the ghost version (Enterprise vs. standarad), and what kind of luck you're having.  I've ghosted servers before with the Corporate edition and it worked.  I know people that's done ghosting of RAID5 before, although that never worked for me.

- Info
0
 
NzarthCommented:
No I have just one disk, hence ghosting :)

I have 16 users working on it, plus email.  The server specs are Dual Xeon 2.8 GHz plus 1.5GB RAM.

Users have not complained about performance and it shows via Performance Monitor :)
0
 
donnatroniousAuthor Commented:
Nzarth - What app are you serving through Terminal Services?
0
 
donnatroniousAuthor Commented:
Nzarth - How long has it been running like that?  Did you install TS app mode after you email was running?  Have you installed any applications you didn't want too serve through terminal services since installing in app mode?  Out of curiosity what email are you running?
0
 
NzarthCommented:
Exchange was installed before TS (Exchange 2000).  The apps installed are Office 2000 mainly and Acrobat, and a few other small programs plus its running AV.

I would say its running more than what you have said you are running, so if the Server specs are similar then go for it.

0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now