• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 378
  • Last Modified:

DNS

Hi,

I'm setting up a new server: small business server 2003 premium edition

It's basically going to be an application server, serving asp.net applications and a SQL server database.  We already have another server that contains all the user acccounts for all workstations in the office (about 5-10 workstations).

I'm a newbie when it comes to DNS, and i'm not sure how important DNS is on this new server.. During installation it prompted for a domain, so I entered blackhawk.local

However, our other server, which is also SBS, is running on accounting.local.

Are there any issues that i'm going to encounter?  Any advice/recomendations on what i should do in this particular setup..?  Also a DNS crash course or links / references would be appreciated :)

Thanks - Trevor
0
trevorhartman
Asked:
trevorhartman
  • 9
  • 7
  • 6
  • +2
5 Solutions
 
gjohnson99Commented:
yes and no

You cant have 2 sbs server on the same domain
0
 
trevorhartmanAuthor Commented:
right, so i'm ok?
0
 
Chris DentPowerShell DeveloperCommented:

Yes you should be fine.

I haven't played with the 2003 version of SBS, but the 2000 version was pretty keen on trying to start a DHCP server - you may want to ensure it doesn't do anything like that as it would potentially interfere with your current setup.

blackhawk.local is just the authentication domain, for a webserver that part of it doesn't need to be public (or even publicly accessible) - just as long as IIS (and SQL) can find it.

Of course there's the usual restrictions in place, so no forming trusts etc etc.

HTH

Chris
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
trevorhartmanAuthor Commented:
thanks, yes i disabled DHCP so i think everything should be ok...
0
 
Chris DentPowerShell DeveloperCommented:

I agree :)
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
No, you're not OKAY... you CAN'T use TWO SBS boxes on the same network.  (Chris - it's much more than what you are describing... the domain controls ALL user logins and file permissions).

It's not about DNS, but Active Directory (which will host the DNS when you set it up right).

If you're going to add an additional server to an SBS network, then it must be a Server 2003 Standard edition or web edition.  (Being that you want to run SQL on it, then you may want to reconsider your deployment... perhaps running your accounting on a separate Server 2003 machine so that you can get the benefit of Exchange running on your main server).

You probably want to pick up the Advanced Best Practices Guide from http://www.SMBNation.com which details a number of deployment scenarios (and while you're there, get the Basic Best Practices Guide... it'll help a ton!)

Jeff
TechSoEasy

0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Just to make it a bit clearer... if you have users that already have "accounting.local" user accounts, then they will not be able to access anything in the "blackhawk.local" domain.  So, user1@accounting.local may not access your SQL server, your printers, your fax or any other domain resource on blackhawk.local.  If your intent is to keep accounting separate, then you will need to keep them as two distinct networks.  
0
 
Chris DentPowerShell DeveloperCommented:

Hi Jeff,

You're right I should have made it clearer that the new SBS server would be inaccessible as a file server.

But the two SBS machines are on seperate (logical) networks.

IIS does not require that the user knows where, or how to access the authentication servers. It doesn't need the user to be able to find the DNS domain blackhawk.local. Authentication requests are taken by IIS then relayed to the domain services. So the ASP.NET applications should be no problem.

SQL itself doesn't require domain access either as authentication tokens are handled by the SQL server, not the client.

I assumed this wouldn't be a problem as the original question stated:

"serving asp.net applications and a SQL server database"

On that level, it really shouldn't be a problem would it?
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Yes it would for a couple of reasons... first, it's a violation of the license.  Second, it will crash.  An SBS machine MUST be the root of the forest and the primary domain controller.  It can only be installed with that parameter, it must also be installed with a fully functional Active Directory or it will not function at all.  SBS has a primary purpose and is ideal for smaller companies.

While it is true that SQL may not require domain authentication, that all depends on the application.

Without knowing too much more about this situation, it seems as though there are a couple of ways to go... depending on the resource needs of the .asp apps/SQL Server and budgetary considerations.

One of the following is appropriate for this situation:

1.  If accounting.local  is SBS Standard edition, it can be upgraded to Premium which will add SQL Server and ISA Server.  Upgrading RAM to 2 - 4 GB will accommodate all of these roles as long as the processor is at least 2.4Ghz or so.  The .asp Apps can run on most any machine alongside of the SBS (including Windows XP Pro with IIS 6) if they are too resource needy.  If the apps are accessed externally, then the box running IIS can be put in a DMZ outside the LAN for security reasons.  The user SBS CAL's would cover access, and there are no additional CAL's required.

2.  If the SQL processes will take up substantial resources, then a Standard Server 2003 should be added to the accounting.local domain with SQL Server 2004 installed on that machine along with IIS 6.0 (or again, IIS can be put on an XP box and DMZ'd -- if price isn't an issue, then that box could be a Windows Server 2003 Web Edition -- but it's not really necessary unless it gets a ton of traffic).  Whatever the combo in this scenario, these boxes are joined to the accounting.local domain.  The additional server (or 2) would take up an SBS Device CAL, but users would not need an additional CAL to access these servers as long as they are part of the SBS network.  If they are deployed in a separate domain, SEPARATE SERVER 2003 CALS will be required for each user.

Administering 2 separate domains would, in the long run, be significantly more costly than a single one, since there cannot be trusts with SBS, each domain would need separate patching, virus protection, general maintenance, etc.  Not to mention the additional expense of separate CALs for each user.

If option 1 is possible, it would be my suggestion because managing a single server is significantly less work than managing 2 or 3.  If there are mission critical applications running then separating it out to two servers may be a bit better, although there is still no redundancy... but that's another discussion....

Jeff
TechSoEasy
0
 
Chris DentPowerShell DeveloperCommented:

Jeff,

All in the interest of providing something like a complete answer :)

I'm not familiar with the SBS license to say why having two of them on seperate logical networks is violating it?

Both SBS servers are (as described in the original question) the root of the forest, and the primary domain controller (one on accounting.local and one on blackhawk.local). Does SBS perform detection to see if another (unrelated) SBS server is functioning on the same IP Range?

I agree that it isn't an ideal product to use for hosting. Web edition doesn't allow you to install SQL Server, so the options there are basically Standard or Enterprise (or two servers). It is worth noting that Web Edition doesn't require Client Access Licenses though - so it can often be a good option, again depending on the number of clients that require access.

Basically, the options for what is used depend on the resources available - and of course if the choosen path is one that works.

Chris
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
The license violation is not obtaining an additional CAL for the additional server.  Per the SBS EULA, any user accessing the server must have a CAL (or any device must have a CAL).  Therefore, using just SQL authentication is not permitted.

Having both servers on the same IP range is exactly the problem... one of them (the first one that was there, usually) will take over... whether you've created a separate domain on the other one or not, it will block the other one from having access to TCP/IP essentially... I've tried it and it ain't pretty.  So they would have to be entirely separate on different subnets.

As for webhosting... again, if it's a small deployment... an XP Pro machine doesn't require CALs either.  :-)  And if the main SBS box has ISA, it can be secured just as well as anything.

Jeff
0
 
Chris DentPowerShell DeveloperCommented:

All makes sense, and I always forget about XP for such things.

So generally would be better to try and avoid setting up SBS for this.

Chris :)
0
 
trevorhartmanAuthor Commented:
aaarrgh.  too complicated :)

thanks for the great discussion guys.. Now, i'm just not sure where to go from here.  We just bought this server to be our application server, of course not understanding the whole SBS issue.  We went with SBS premium b/c it comes with SQL server.. I set my own account up in the new server's active directory, now i can access that server over the network so I can develop my app on it (i'm a programmer, not a server amdin, hence the problems...!), and I should be the only one who needs to.  Besides that, everyone will just be accessing internally it like this:

http://kioskApp/

one thing, the new SBS came with 5 CALS, so that's ok right?  (not sure how the whole CAL thing works)

it's been up running on two domains since yesterday, no problems.

-Trevor
0
 
trevorhartmanAuthor Commented:
note: we can't afford to buy any more OS's or servers, so we're stuck with 2 SBS's
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Well, sorry to say you can't use 2 SBS's on your network, no matter what.  You need to sell one of them or return the one you just got, unfortunately.  

I think you should find a local Microsoft Partner who specializes in SBS to help you determine your best course of action.  If you need a referal, please let me know.

Jeff
TechSoEasy
0
 
NJComputerNetworksCommented:
I would agree that you should not be using two SBS servers within one company.  You may want to investigate the transition pack.  

but this costs money too...

From a technical standpoint what does the Windows Small Business Server 2003 Transition Pack do?
 
A. The server transition pack removes all of the Windows Small Business Server 2003 limits (such as 75 CALs, no Active Directory trusts, and CAL enforcement). The CAL transition packs are a license only.
 

http://www.microsoft.com/WindowsServer2003/sbs/techinfo/overview/licensingfaq.mspx




The best course of action would be to talk to whoever sold you the SBS.  See if you can return this and purchase Windows 2003 Server and SQL server instead.  They probably won't want to do this for you...but it doesn hurt to ask...
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Essentially the transition pack turns an SBS into a Standard Server 2003, but it would make more sense, if your accounting.local machine is SBS standard to migrate that all over to your new machine, and then just use the CAL's that came with accounting.local by adding them to the blackhawk.local machine.  

Jeff
0
 
trevorhartmanAuthor Commented:
transition pack looks expensive!!  what we wanted to do was have a seperate server handle everything this application needs: IIS & SQL Server.  If you buy windows server 2003 and sql server by itself, its way more expensive, which is why we went with SBS, not knowing of the issue with 2 SBS....
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
What's keeping you from putting it all on one machine?
0
 
trevorhartmanAuthor Commented:
the boss wanted to keep it seperate, so we could have something to grow into, b/c eventually we will need a seperate application server
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
well, then tell him how much it's gonna cost to do that...

You have to buy standard server 2003 and sql server by itself...   and since you now know that you can't use an SBS, what's keeping you from putting it all on one machine?  Even if it's only for a year, it's a better way to go... just buy more RAM -- that's way cheap these days.

I manage over 20 SBS networks, all of the SBS boxes now have 2GB - 4GB of RAM and they work just fine.

Jeff
0
 
trevorhartmanAuthor Commented:
thanks all for the suggestions

i'm still trying to figure out what to do, but at least i have some direction thanks to you all
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
no prob... good luck!
0
 
Chris DentPowerShell DeveloperCommented:

Best of luck Trevor
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

  • 9
  • 7
  • 6
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now