?
Solved

Domain Contoller Role Owners, How Best to arrange

Posted on 2009-04-20
5
Medium Priority
?
414 Views
Last Modified: 2012-05-06
I am looking for input on what would be the best disribution of the operational roles on windows domain servers (RID, PDC, Infrastruture and Schema) I am going to have 2 domain controllers to split the roles over. I currently have 3 domain controllers with the Schema role on one and all other roles on the 2nd and no roles on the third. I am replacing 2 of the domain controllers with new server 2008 controllers and dropping the 3rd one completely these 2 servers will also be hosting DNS and DHCP for our network.

Thanks
0
Comment
Question by:mattolan
  • 2
  • 2
5 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 750 total points
ID: 24189719
If this is a simple, single domain then the recommended, and most efficient solution is to have all the FSMO role holders on the SAME machine.
0
 
LVL 14

Expert Comment

by:amichaell
ID: 24189944
Below is a Technet article on role placement in a 2008 domain.

https://technet.microsoft.com/en-us/library/cc754889.aspx
0
 
LVL 2

Author Comment

by:mattolan
ID: 24193798
yes, this is a simple single domain set up
0
 
LVL 70

Expert Comment

by:KCTS
ID: 24193831
In that case - leave ALL the FSMO roles on a single machine
0
 
LVL 2

Author Comment

by:mattolan
ID: 24193869
ok, but what if that machine fails? don't I risk losing data? or will the second machine be able to recreate that data if I tell it to seize the roles?
0

Featured Post

Get quick recovery of individual SharePoint items

Free tool – Veeam Explorer for Microsoft SharePoint, enables fast, easy restores of SharePoint sites, documents, libraries and lists — all with no agents to manage and no additional licenses to buy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Let's recap what we learned from yesterday's Skyport Systems webinar.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question