Domain / AD / File Server question

Posted on 2005-05-05
Last Modified: 2010-04-18
I'm new at this 2003 AD stuff and I have done a lot of research but i have a few questions that i would like to get clarified before I move forward with the configuration process and I would really appreciate any input...

I have a single domain.

I have read that it is best to have 2 domain controllers for fault tollerance.

1. Should I have the GC running on Both domain controllers? If not should it be on the server which holds the FSMO roles or should it be on the other server? By default when adding the first DC is it automatically made a GC server?

2. I then need to configure Shared directories for departments to share files but restrict outside there department. I was going to have each department be an OU. I want these files to be located on the First DC in my setup as it has much more storage space than the other. Would this become a file server or simply have the shared folders in there OU? And would that data be replicated over to the other DC or would only the login information be replicated?

I think that does it for my question. Thanks in advance for the help!

Question by:mklaro
    LVL 18

    Accepted Solution

    1. Yes, if you have multiple domain controllers....have the GC run on each...without a global catalog on both, if the one with it goes down, then the other one won't be able to authenticate users. The first DC is always a GC.

    2. Folders can't be actually located inside an OU is simply a part of Active Directory organizational design. Think of it as simply a filing cabinet for your AD user and group information.

    So yes....the server that houses the files would be a file server in addition to being a DC. The folders/files would only be located on that one server....replication is on for Active Directory....not anything else housed on the server.  
    LVL 18

    Expert Comment

    To control who has access to what files/folders then you would set NTFS permissions. General practice is to give everyone share permissions and then be more restrictive with your NTFS permissions.

    Author Comment

    thanks a lot for the info!

    Author Comment

    Can I start by making the first DC primary DNS and then adding the second DC online and make that a primary DNS and then take away Primary from my First DC and make it a Secondary DNS?

    The whole point is i want the First domain Controller to become my secondary

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Join & Write a Comment

    Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
    The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now