Domain / AD / File Server question

I'm new at this 2003 AD stuff and I have done a lot of research but i have a few questions that i would like to get clarified before I move forward with the configuration process and I would really appreciate any input...

I have a single domain.

I have read that it is best to have 2 domain controllers for fault tollerance.

1. Should I have the GC running on Both domain controllers? If not should it be on the server which holds the FSMO roles or should it be on the other server? By default when adding the first DC is it automatically made a GC server?

2. I then need to configure Shared directories for departments to share files but restrict outside there department. I was going to have each department be an OU. I want these files to be located on the First DC in my setup as it has much more storage space than the other. Would this become a file server or simply have the shared folders in there OU? And would that data be replicated over to the other DC or would only the login information be replicated?

I think that does it for my question. Thanks in advance for the help!

mklaroAsked:
Who is Participating?
 
luv2smileConnect With a Mentor Commented:
1. Yes, if you have multiple domain controllers....have the GC run on each...without a global catalog on both, if the one with it goes down, then the other one won't be able to authenticate users. The first DC is always a GC.

2. Folders can't be actually located inside an OU...an OU is simply a part of Active Directory organizational design. Think of it as simply a filing cabinet for your AD user and group information.

So yes....the server that houses the files would be a file server in addition to being a DC. The folders/files would only be located on that one server....replication is on for Active Directory....not anything else housed on the server.  
0
 
luv2smileCommented:
To control who has access to what files/folders then you would set NTFS permissions. General practice is to give everyone share permissions and then be more restrictive with your NTFS permissions.
0
 
mklaroAuthor Commented:
thanks a lot for the info!
0
 
mklaroAuthor Commented:
Can I start by making the first DC primary DNS and then adding the second DC online and make that a primary DNS and then take away Primary from my First DC and make it a Secondary DNS?

The whole point is i want the First domain Controller to become my secondary
DNS
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.