Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1509
  • Last Modified:

IIS and Domain Controller - Feasible?

I have a Windows Server 2003 that acts as a domain controller, DHCP server, and file server.  Presently, it's underutilized.  I'd like to get WSUS going in the office, and the Windows Server 2003 is the only candidate, but have been told that IIS on a domain controller opens the server up to malicious activity.  I'm not sure I understand why.  If the server has a private IP and is behind a very robust firewall, where's the risk?  Is it possible to install IIS on a domain controller that minimizes the risk?
0
jdana
Asked:
jdana
2 Solutions
 
KrazyRhinoCommented:
Adding ANY functionality to any computer/server is a vulnerability. On a domain controller if it has IIS it can bbecome "more vulnerable" but then again if you can log in to it, it does also.

I have been an Admin on several networks that have IIS on the secondary domain controller, if that is what you are thinking that should be fine, but it is a general rule of thumb just for safety sake to keep a primary domain controller with as few additional functions as possible.

That being said, seeing as you have the additional functions already the addition of IIS shouldn't hurt it too much, just make sure to patch it when it is done installing and use some sort of vulnerability scanner or some other tool to lock it down to only your intended uses.
0
 
DonNetwork AdministratorCommented:
We have wsus installed and working just fine on our domain controller, and I installed this  three years ago. Have had no problems. We also are running dhcp, file server and even applications.

Heres a great guide to get you set up

http://blogs.microsoft.co.il/blogs/yanivf/archive/2007/09/23/install-wsus-3-0-step-by-step.aspx
 
Just make you run the Security Configuration Wizard afterwards
http://redmondmag.com/columns/article.asp?editorialsid=984 
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now