Domain / AD / File Server question
I'm new at this 2003 AD stuff and I have done a lot of research but i have a few questions that i would like to get clarified before I move forward with the configuration process and I would really appreciate any input...
I have a single domain.
I have read that it is best to have 2 domain controllers for fault tollerance.
1. Should I have the GC running on Both domain controllers? If not should it be on the server which holds the FSMO roles or should it be on the other server? By default when adding the first DC is it automatically made a GC server?
2. I then need to configure Shared directories for departments to share files but restrict outside there department. I was going to have each department be an OU. I want these files to be located on the First DC in my setup as it has much more storage space than the other. Would this become a file server or simply have the shared folders in there OU? And would that data be replicated over to the other DC or would only the login information be replicated?
I think that does it for my question. Thanks in advance for the help!
I have a single domain.
I have read that it is best to have 2 domain controllers for fault tollerance.
1. Should I have the GC running on Both domain controllers? If not should it be on the server which holds the FSMO roles or should it be on the other server? By default when adding the first DC is it automatically made a GC server?
2. I then need to configure Shared directories for departments to share files but restrict outside there department. I was going to have each department be an OU. I want these files to be located on the First DC in my setup as it has much more storage space than the other. Would this become a file server or simply have the shared folders in there OU? And would that data be replicated over to the other DC or would only the login information be replicated?
I think that does it for my question. Thanks in advance for the help!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
To control who has access to what files/folders then you would set NTFS permissions. General practice is to give everyone share permissions and then be more restrictive with your NTFS permissions.
ASKER
thanks a lot for the info!
ASKER
Can I start by making the first DC primary DNS and then adding the second DC online and make that a primary DNS and then take away Primary from my First DC and make it a Secondary DNS?
The whole point is i want the First domain Controller to become my secondary
DNS
The whole point is i want the First domain Controller to become my secondary
DNS