• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 343
  • Last Modified:

argument for multiple windows domain controllers

I am in the proposal stages of designing a small network.  I have proposed two servers...One SBS 2003 STD server and one 2008 server.  I had intended to have the second server there idle as a disaster to maintina the AD informatino in the event of a failure of server one.  I got the following reply from the clients advisor.  Can you counter this?  I obviously want to sell two servers, but if I am wrong, then I am wrong.

In this environment I see no advantage gained by the backup server.  While this server would keep the "network" running, there would be no data to access, because it would all reside on the primary server. Therefore to the end user, this server would do nothing.  Current windows clients will cache the domain sign on data, so unlike in the past, you would still have full access to your local P.C.   While there are ways to make the secondary server a true fall-back for the primary server, this would require both servers to have IDENTICAL hardware configurations, and use a different version of windows server (Windows Server 2008 enterprise).   This would be substantially more expensive  and I am not sure that level of redundancy is justified in this environment.
2 Solutions
Your user is somewhat right and somewhat wrong.  Yes they will need to pay for software and hardware licenses for the backup server.  Depending on how your going to backup the server, they may not need IDENTICAL hardware. If you truely ghosting the system, then yes, hardware needs to be the same.  If your just backup up data that changes each day, then no, you dont need the same exact hardware.  But in MOST cases, it always highly recommended to keep both machines the same when feasible.

In guess in our business we must get to the following responsibility....
1.  We must be totally honest to the customer
2.  We must explain every gotcha to the user for not having  a backup.. Virus, Disgruntled employee be malicious, power outages and any other disaster scenario.
3.  Next after explaining 2, ask them how long of a down time their business could operate without the system being there.  (To include locating someone to come in reload whole system and then finding data hopefully that is backup somewhere).
4. Now the hard part for us.... Let them make the decision.  As a contractor of systems, our job is to ensure the customer knows all the pitfalls by education, and if they decide they can live through step 3 without backup, let them do so.  You can lead a horse to water, but you cant make it drink.

In my younger days I wanted to make everyone do the right thing to keep them from not having night mares of data and computer problems, but the reality hit, some users and managers due to ignorance, are like used car salesman trying to impress the owner and save them some money or they have poor budgets are going to take the risk of losing their system.  

And thats when I learned why Im here.... and when I make my most money, for those type of people.  Yes I love having the guy who smart and listens and buys the backup server and makes his life easier, but I found out more, that I make lots more from the guy who is panic mode because he didnt back up his stuff. Because in the long run, he is going to backup server, but it wont be until after he lost all his data once and its a midnight on a 4 of July weekend, and Im in there charging him ungodly amounts of money since he was hard headed in the first place.   The old pay me now, or pay me LOTS later scenario.

Just be nice, tell them the reasons too and then let make the decision.  All you can do... be nice so they will call you when the disaster happens, and after doing this for 25 years.. it will happen.


If you buy into a second server, you can configure a lot of replication and failover to that server, so more services than simply Active Directory continue to function if the first server fails.

Installing the second server as a DC and GC is imperative. The second server must also be a DNS Server and be configured as an alternate DNS server for all workstations (such as through DNS). For all my clients, I then use DFS to replicate data between the two servers and to create a domain-based namespace, so there is a central point for all share traffic to go to. (Shares mapped to \\domain.com\Share-Name rather than \\server\Share-Name). An offline server will as a result be transparent to the user and their access to file shares will continue as usual from the remaining running server. To make this effective, use Server 2003 R2 or Server 2008 as it has improved DFS Replication features.

For other applications (such as Exchange or SQL Server) you need to consider their high availability features separately. For automated Exchange 2007 failover, as an example, you need Server 2003/2008 Enterprise and Exchange 2007 Enterprise, which is costly and generally way too much for a lot of environments.

The benefit of a second server is much more than simply an idle standby. With load balancing (such as through DFS) and so on, both servers can run the network on a daily basis.

The consultant is both right and wrong. The servers do NOT need to be identical hardware for traditional high-uptime techniques, such as Windows clustering (costly) or simply promoting 2 DCs. Similar hardware is only recommended if you install a server as a cold standby - one which is booted and has a backup restored to in the event of a failure of the main server.

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now