[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Server 2008 as a 2nd DC for SBS2003

Posted on 2009-12-18
10
Medium Priority
?
273 Views
Last Modified: 2012-05-08
We have a domain with 1 SBS2003R2 server. A new server is being installed for  SAP with Windows Server 2008 and SQL server. I am having an argument with the SAP supplier where his network specialist claims it is not recommended to install a 2nd DC in a SBS2003 environment (AD issues, Exchange issues ,etc), and should only be done in non-SBS environments, or with a Read-only DC in a remote location part of a SBS domain. Is this true or not ?

Would anyone have links to Microsoft documents that clearly indicate wether it is recommended or not ?

Although I found many documents explaining how to accomplish this, would it be possible that this is not a "Best Practice" thing to do ?

0
Comment
Question by:ndidomenico
  • 4
  • 4
  • 2
10 Comments
 
LVL 78

Expert Comment

by:Rob Williams
ID: 26083801
No problem at all adding as many DC's as you like to an SBS domain. The SBS must be the first DC and must retain the FSMO roles, but adding addtionnals is fine.
 

Following is from an earlier post of mine. For 2008 you just need the newer adprep tool
Add a second domain controller to an SBS domain:
-You need to create a computer account for the new server, using the wizard located under server computers in the server management console of the SBS
-Then point the new servers DNS only to the SBS, and join the domain using the wizard  http://SBSname/connectcomputer
-If the new server is R2 version and your SBS is not R2 you need to run adprep, on the SBS, from the second CD of server 2003 R2 located under \CMPNENTS\R2\ADPREP\
-Now you can run DCpromo on the new server. You must use integrated zones when working with SBS. (there are different options in the wizard, just choose integrated). I would recommend at the same time installing DNS.

You may want to review the following as well:
 Add and Manage Additional Servers in a Windows Small Business Server Domain
http://www.microsoft.com/downloads/details.aspx?FamilyID=6f4015f2-7606-4eaa-828a-00b8df6bd999&displaylang=en
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 26083813
PS- You can only have 1 SBS in a domain
0
 

Author Comment

by:ndidomenico
ID: 26083883
Thanks RobWill. I should have added some more details:
I've already added the 2008 server as a DC. Did all of the adprep, as you suggested, kept all 5 fsmo roles on the server, etc. So far, it seems to work fine.

This issue came up because there was a big performance problem with this new 2008 server, which ended up being the disk controler driver that needed to be updated. But when trying to find the culprit, the DC issue came up.

So I'm trying to find proof (MS document, tech note, etc) to show them that adding a 2nd DC to a SBS2003 domain IS a recommended thing to do, contrary to what they claim.

0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:ndidomenico
ID: 26083948
RobWill: obtained from the last link in your post:
"... This document does not cover adding an additional domain controller to your Windows SBS network. You can always add additional domain controllers to your Windows SBS network, especially if you have remote offices or require redundant Active Directory services on your local network."

Do you think this suggests that it is recommended to do mostly when you have remote offices (then they would be right !!!) or REQUIRE redundant AD services.
0
 
LVL 8

Expert Comment

by:beechy_
ID: 26084004
http://technet.microsoft.com/en-us/library/cc708131%28WS.10%29.aspx

half way down; "Join a computer running Windows Server 2008 as an additional domain controller", if this was going to cause a major problem microsoft would not be publishing instructions on how to do it, even if they did it would come with some sort of disclaimer which this does not
0
 

Author Comment

by:ndidomenico
ID: 26084111
This is one of the documents I used for promoting the 2008 server.

But in general, in a SBS environment, is this what most admins do (or that you recommend doing) when they get an additional Server, which is to assign it as a DC ? Or am I being too pessimist or overly carefull in wanting this 2nd DC on the domain ?
0
 
LVL 8

Expert Comment

by:beechy_
ID: 26084155
All i can say is, Microsoft are publishing the article telling you how to do it.  Do you really think they are doing this because it's gonna screw up your network?  It is *absolutely* not a problem to have multiple domain controllers, including Server 2008 DCs, in an SBS 2003 network.
0
 

Author Comment

by:ndidomenico
ID: 26084316
Thanks. I realize it is a documented procedure by Microsoft, and therefore is not supposed to cause problems since it has been fully tested by MS. But sometimes there are things that can be done, but are not considered necessary, or not considered a "best practice" approach. So I was just checking if this was the case.  
0
 
LVL 78

Accepted Solution

by:
Rob Williams earned 2000 total points
ID: 26084856
Best practice in ANY Windows domain is to have more than one domain controller. In an SBS domain you often do not see this simply because most are very small and they cannot justify the cost of another physical box and a Server 2003/2008 licenses.

There has been some confusion over the years with SBS because you cannot add a second SBS to an existing SBS domain, and you cannot add an SBS to an existing Server 2003/2008 domain (technically you can but there is some hacking to do). The only difference with SBS is it needs to be the first DC, and you cannot split the FSMO roles over multiple DC's. There would be no advantage of doing so in a small 75 user domain.

The only way to address redundancy for AD and DNS is to have a second DC, so it is a recommended practice. The articles often address remote sites as those sites also depend on the SBS. The remotes sites have more to worry about than just the SBS going off line, they could also be affected by any form of VPN or internet outage between the two sites. Having a local DC/DNS server is therefore even more important to the satellite offices.
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 26084902
>>"But sometimes there are things that can be done, but are not considered necessary, or not considered a "best practice" approach."
I wouldn't suggest it is necessary, but if funds are a vailable it is a best practice.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
A procedure for exporting installed hotfix details of remote computers using powershell
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Suggested Courses

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question