Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

IIS and Domain Controller - Feasible?

Posted on 2009-04-02
2
Medium Priority
?
1,505 Views
Last Modified: 2012-05-06
I have a Windows Server 2003 that acts as a domain controller, DHCP server, and file server.  Presently, it's underutilized.  I'd like to get WSUS going in the office, and the Windows Server 2003 is the only candidate, but have been told that IIS on a domain controller opens the server up to malicious activity.  I'm not sure I understand why.  If the server has a private IP and is behind a very robust firewall, where's the risk?  Is it possible to install IIS on a domain controller that minimizes the risk?
0
Comment
Question by:jdana
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 9

Accepted Solution

by:
KrazyRhino earned 500 total points
ID: 24054414
Adding ANY functionality to any computer/server is a vulnerability. On a domain controller if it has IIS it can bbecome "more vulnerable" but then again if you can log in to it, it does also.

I have been an Admin on several networks that have IIS on the secondary domain controller, if that is what you are thinking that should be fine, but it is a general rule of thumb just for safety sake to keep a primary domain controller with as few additional functions as possible.

That being said, seeing as you have the additional functions already the addition of IIS shouldn't hurt it too much, just make sure to patch it when it is done installing and use some sort of vulnerability scanner or some other tool to lock it down to only your intended uses.
0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 500 total points
ID: 24054526
We have wsus installed and working just fine on our domain controller, and I installed this  three years ago. Have had no problems. We also are running dhcp, file server and even applications.

Heres a great guide to get you set up

http://blogs.microsoft.co.il/blogs/yanivf/archive/2007/09/23/install-wsus-3-0-step-by-step.aspx
 
Just make you run the Security Configuration Wizard afterwards
http://redmondmag.com/columns/article.asp?editorialsid=984 
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Learn about cloud computing and its benefits for small business owners.
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses

598 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question