?
Solved

domain controller cluster

Posted on 2008-06-25
10
Medium Priority
?
1,097 Views
Last Modified: 2012-05-05
Dear Expert,
currently i m having domain controller installed on windows server 2003.

Now I am plannig move on to clustered DC.I have two Identical servers to do so.

Now my question is whether it is recommended? What are the steps i should folow?

Sandeep



0
Comment
Question by:sandeepthete
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 13

Accepted Solution

by:
TheCapedPlodder earned 165 total points
ID: 21864548
This is not a best practice.  In fact I doubt it's even possible.

Build each server as Windows 2003 Standard and promote them to be domain controllers.  Active Directory automatically replicates with other domain controllers in the same domain and provides complete fault tolerance (with the exception of FSMO roles).

Make sure you install DNS on both servers and created your DNS zones as AD integreated.  Also ensure you make both DC's global catalogs.

You'll save yourself a bundle on Enterprise Edition licenses and shared disk.
0
 

Author Comment

by:sandeepthete
ID: 21864806
thanks..but its not all abt saving money.I have already bought hardware & licences.
I have my storage box is ready.
Below are the steps i have completed.
1.Created LUNS on storage (hitachi AMS)
2.Installed win2k3 r2 enterprise edition on both nodes.
3.Promoted both nodes to Domain controller(test domain).
4.Then I followed the procedure from microsoft K-base and configured the cluster.
5.Clustering is workin fine in test domain.

Now my concern is to tranfer or migrate my existing domain to this new environment with minimum down time.

Regards,

Sandy

What I want to achive is complete fault tolerence.
0
 
LVL 30

Assisted Solution

by:LauraEHunterMVP
LauraEHunterMVP earned 60 total points
ID: 21864852
Clustering domain controllers is not a recommended configuration, see http://support.microsoft.com/kb/281662. You achieve fault tolerance in Active Directory by deploying multiple individual domain controllers, not by creating clusters.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 7

Expert Comment

by:ManicD
ID: 21865180
Quote "LauraEHunterMVP:
Clustering domain controllers is not a recommended configuration, see http://support.microsoft.com/kb/281662. You achieve fault tolerance in Active Directory by deploying multiple individual domain controllers, not by creating clusters."


This is very true, should your domain controller hosting any one or multiple FSMO's fail you can seize the FSMO role onto another DC.
0
 
LVL 70

Expert Comment

by:KCTS
ID: 21867094
I'll add to that - clustering of DCs is NOT recommended, by all means have two DCs - but not in a cluster - keep your cluster to exchange and keep the DCs seperate
0
 

Author Comment

by:sandeepthete
ID: 21872376
Why clustering of domain controllers are not recommended by microsoft?

can anybody list few points?
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21872581
It's really quite simple.  Active Directory is fault tolerant by design, if one AD server fails all other AD servers will happily carry on regardless provided FSMO roles are moved (and this is a well documented process).  Adding clustering to the mix just over complicates things unnecessarily and reduces the usefulness of the two servers.

With two seperate servers running indepently both can serve customers at the same time making maximum use of the servers.  In a cluster only one server is doing anything at any one time.

With two seperate servers when one fails there is no interuption to service.  In a cluster when the active node fails there is a service outage whilst resources fail over.

You've now been told by four people that this is not a good idea. Take that as a good recommendation.
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 21873608
Did you happen to actually read the Microsoft link that I listed earlier?

"You cannot cluster domain controllers for fault tolerance. You can promote computers to be domain controllers, and then you can install the Cluster service on those computers, but there is no method to store Active Directory on any one of the cluster's managed drives. There is no "failover" of Active Directory."
0
 
LVL 13

Assisted Solution

by:TheCapedPlodder
TheCapedPlodder earned 165 total points
ID: 21873632
I didn't read it myself but I did postulate in my first response that "In fact I doubt it's even possible" so it's nice to have this confirmed.

So there we have it.  Can't be done.
0
 

Author Comment

by:sandeepthete
ID: 21873775
Dear All,
Thanks a lot for ur responce..I think the point is well explained.
I have one small query regarding the storage.
Ok now if i promote one server to PDC..Is it possible by any chance that MY ADC and PDC could share a common storage from my SAN box.

Sandy
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question