• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 259
  • Last Modified:

Is there any advantage to having an extra Domain Controller for a Small Business Server network

From a Disaster Recovery view, is there any advantage to having an additional Domain Controller in a Small Business Server 2003 R2 network?

If so, what, and how would you handle the main SBS Server failing if you had another DC?

Thanks
John
0
jmsjms
Asked:
jmsjms
  • 5
  • 4
  • 2
3 Solutions
 
RobmonsterCommented:
Hello jmsjms,

It is alwys useful to have an additional domain controller on the network to ensure your ACtive Directory accounts are preserved in case of a failure. Should your SBS server fail then this alternate domain controller will handle login requests and authentication uhtil the main server is up and running again.

I'm assuming you have EXchange runniong on the SBSD too, so having your usera ccount details on another DC will make for a much easier time restoring your email int he event of server death.

Regards,

Robmonster
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
Exactly how advantageous it is depends on what your server does for you.  But a second DC would preserve active directory if the SBS server failed and allow your users to potentially continue browsing the internet and logging on.  In addition, if you setup DFS, you can have a replica of the file shares and help ensure that at least SOME services remain functional so your users aren't sitting on their thumbs waiting for the only server you have to be restored...
0
 
RobmonsterCommented:
To expand, exchange email accounts are linked to the active directory accout. It';s not jsut the user login name, but an internal identifier that says which AD account the inbox is linked to. Should your server die as it stands you may be able to resotre your email, but you'll have to manually relink each inbox to it's new AD account, even if your AD accounts are recreated with the same login name. This isbecause recreting the account will give it a different internal identifiuer, causing exchange to think it's a different account.

With an addiutional DC these login details will all be preserved, meaning that once the email data is restored Exchange should recognise all your users natively and give immediate access without extra tinkering.

Rob
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Lee W, MVPTechnology and Business Process AdvisorCommented:
Actually, along the same lines, Active Directory accounts are actually stored as Globally Unique IDs.  You SEE a friendly name like "administrator" but AD sees 3F2504E0-4F89-11D3-9A0C-0305E82C3301-500

A portion of this is randomly generated at the time the domain is created.  As a result, if you "recreate" the domain after a failure, your GUIDs will NOT match since they are randomly created when the domain is created.  The permissions on things remember the old GUIDs while the new domain has a completely different set of GUIDs and as such, you have to spend considerable time restoring things.
0
 
jmsjmsAuthor Commented:
Many thanks to all.  OK, you've conviiced me it's a good idea.

But to finish off, there's the second bit of my question.

"If so, what, and how would you handle the main SBS Server failing if you had another DC?"  

To clarify, I'm not concerned with File data (as I have a backup strategy for that), I'm concerned with rebuilding the SBS server.
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
So you don't have backups of the SBS server?

IF you could restore the SBS server from backup, I would rebuild it and install it into an existing domain (since the AD would be appropriately configured for SBS).
0
 
jmsjmsAuthor Commented:
Yep, I've got loads of backups and quite a few Disk Images.  I'm pretty paranoid when it comes to it!

I'm looking for a guide on how to re-install SBS when there's a DC already present.  I've a horrid feeling that if I had to do a full re-build it would overwrite  the AD info the spare DC stores.
0
 
jmsjmsAuthor Commented:
Anyone able to answer?

Cheers J
0
 
jmsjmsAuthor Commented:
Any one got any ideas about the second part of my question?

If not I'll see if it's possible to award points for some of the question and repost for the remaining bit.

Thanks
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
There should be no reason to rebuild it if you have backups.  I would restore from backups.  If it turned out ALL your backups were bad, then there's a MS KB article on installing SBS into an existing domain.  This would be one the instance where I would recommend using that article (in general, I DO NOT recommend using it because SBS sets up the domain in a specific manner... but since SBS was setup first, the domain is in the appropriate format to begin with, meaning that installing an SBS server into a domain in your situation should not pose a problem.

http://support.microsoft.com/kb/884453
0
 
jmsjmsAuthor Commented:
Many thanks to all!
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 5
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now