SUS on domain controller?

I'm looking for some opinions on my dilema...

I have a small network of about 40 computers that are on an active directory domain (windows server 2003). I really want to use SUS to more easily manage patches, but I'm cringing at the fact of having to install IIS on a domain controller even if it is locked down. Our domain controller is the only server we have.

Buying complex patch management software or another server to run SUS just does not seem like an option for such a small network.

What would you all do in this situation?  
LVL 18
luv2smileAsked:
Who is Participating?
 
valiconCommented:
I wouldn't really place SUS on a DC.  I am not concerned about security and IIS as SUS really locks down an already tighten IIS server.  I just think that it's best to leave DC's to do the job of DC's.  Here is a great site for SUS:

http://www.susserver.com

Hope this helps :)










0
 
nihlcatCommented:
Agreed, don't dicker with your DC.  I run SUS on a Pentium 4 Desktop running W2K Server with an 80 GB hard disk for 120 stations...works fine!  IIS doesn't really require much to run, just make sure you have a large hard disk to hold the updates.
0
 
gauthiervCommented:
I agree with nihlcat.  For your small network, a desktop would suffice as long as you have enough disk space to hold all the updates.
0
 
Dave_DietzCommented:
IIS 6.0 is very secure to begin with and the SUS installation locks it down even tighter.

If budget is a serious issue I don't see any problem with installing IIS and SUS on your Domain Controller.

If you can spare a few hundred dollars for a dedicated machine I would agree with the previous answers to this question.

Dave Dietz
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.

Advertise Here