[Last Call] Learn how to a build a cloud-first strategyRegister Now


Domain / AD / File Server question

Posted on 2005-05-05
Medium Priority
Last Modified: 2010-04-18
I'm new at this 2003 AD stuff and I have done a lot of research but i have a few questions that i would like to get clarified before I move forward with the configuration process and I would really appreciate any input...

I have a single domain.

I have read that it is best to have 2 domain controllers for fault tollerance.

1. Should I have the GC running on Both domain controllers? If not should it be on the server which holds the FSMO roles or should it be on the other server? By default when adding the first DC is it automatically made a GC server?

2. I then need to configure Shared directories for departments to share files but restrict outside there department. I was going to have each department be an OU. I want these files to be located on the First DC in my setup as it has much more storage space than the other. Would this become a file server or simply have the shared folders in there OU? And would that data be replicated over to the other DC or would only the login information be replicated?

I think that does it for my question. Thanks in advance for the help!

Question by:mklaro
  • 2
  • 2
LVL 18

Accepted Solution

luv2smile earned 2000 total points
ID: 13939550
1. Yes, if you have multiple domain controllers....have the GC run on each...without a global catalog on both, if the one with it goes down, then the other one won't be able to authenticate users. The first DC is always a GC.

2. Folders can't be actually located inside an OU...an OU is simply a part of Active Directory organizational design. Think of it as simply a filing cabinet for your AD user and group information.

So yes....the server that houses the files would be a file server in addition to being a DC. The folders/files would only be located on that one server....replication is on for Active Directory....not anything else housed on the server.  
LVL 18

Expert Comment

ID: 13939650
To control who has access to what files/folders then you would set NTFS permissions. General practice is to give everyone share permissions and then be more restrictive with your NTFS permissions.

Author Comment

ID: 13940121
thanks a lot for the info!

Author Comment

ID: 13940433
Can I start by making the first DC primary DNS and then adding the second DC online and make that a primary DNS and then take away Primary from my First DC and make it a Secondary DNS?

The whole point is i want the First domain Controller to become my secondary

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question