Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Can I add new users/computers on second DC, in SBS 2008 environment, while SBS server is offline?

Posted on 2009-07-06
9
Medium Priority
?
469 Views
Last Modified: 2012-05-07
Hi,

I am planning to have SBS 2008 domain with an addition DC server running windows server 2008 standard and both servers will take GC role.
As per SBS restriction, my second DC (windows 2008 standard) cannot take any of 5 FSMO roles.
In case of SBS server is down for few hours, shall I be able to add or remove users/computers on second DC?
Any other service disruption in AD management?

Kindly provide details, when you post the solution. Thanks!
0
Comment
Question by:roger_rex
  • 3
  • 3
  • 3
9 Comments
 
LVL 10

Expert Comment

by:Datedman
ID: 24791171
A few hours' downtime shouldn't impact anything noticeably as long as you have another DC.  No details to mention really.  But why would your server be down for hours at a time anyway?
0
 

Author Comment

by:roger_rex
ID: 24791246
Hi Datedman,

Thanks for your comment.
I am planning a solution to face a situation that hardware failure or critical error occurs on SBS server and recovery takes few hours.

As I will not be implementing the second DC as RODC, I should be able to write to AD database, in case of SBS server's failure. But all the FSMO roles are held by that SBS server. This limitation triggers me think about this situation.
0
 
LVL 10

Expert Comment

by:Datedman
ID: 24791284
In my experience it's not a problem.  That's why I have a second DC everywhere even if it's a virtual machine. :)
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 96

Accepted Solution

by:
Lee W, MVP earned 2000 total points
ID: 24791375
The FSMO roles allot batches of IDs for various domain functions... in SOME cases, they are only referenced when another DC runs out of (gets low on) things like SIDs for user accounts.  Technically you should be fine to create new users and computers - BUT, you SHOULDN'T DO IT because the SBS server, when created there, will setup the accounts properly for your domain.  The wizards from SBS will not extend to the second server.  The second server should, in some respects, be considered Read Only and essentially as a backup to preserve your AD should the primary server fail - that is, YOU should not make any direct changes on it, other than, if necessary, resetting a person's password.
0
 
LVL 10

Expert Comment

by:Datedman
ID: 24791383
Ah thanks leew, i should have specified that i haven't used SBS for a while, didn't know that about it.
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 24791388
For example when created with the wizard, they will belong (be prompted to confirm that they should belong) to the proper groups, create an exchange mailbox, etc.  None of this happens if you set them up on the non-SBS DC.
0
 

Author Comment

by:roger_rex
ID: 24801425
Hi Leew,

I found your comment is impressive.

Just want a clarification. Can we create an account on second DC, while SBS is offline, and create a corresponding mailbox, when SBS comes back?

IMHO, group membership should not be an issue, as those groups will exist on second DC. Moving an account among the groups also is an easy task.
0
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 2000 total points
ID: 24805212
I didn't say group management was difficult.

And yes, you can create an Exchange Mailbox later...

BUT, WHY would you make your priorities creating a user account and not getting the server running again?  Why would you not wait to get the SBS Server running appropriately?  

I'm not saying you WILL have problems, but SBS is designed to be managed by wizards with the wizards taking care of various tasks.  When you don't use the wizards, you open yourself up to sporadic problems - a user created with the wizards may not be otherwise identical to one that is created through "standard" means.  I've never taken the time to compare the differences in differently created user accounts in SBS - seemed pointless since the SBS server will never be down for an extended period with a good backup and recovery plan in place and a good warranty.

Frankly, if you want redundancy, I'd suggest putting SBS on a virtual machine running off the server.  If the server fails (anything short of catastrophic hard disk failure), you can just copy the VHD off the server hard drives and boot it from a laptop, desktop, another server - whatever, and be back in business in minutes.
0
 

Author Comment

by:roger_rex
ID: 24805617
Hi Leew,

That's great!

Your comments really help, even though I do not love to rum my SBS from VM, for performance reason. My hardware is not that strong.

Really appreciate you guys sparing time to answer me!

Points awarded!
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question