• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 284
  • Last Modified:

Can a Windows 2008 Terminal Server operate without a DC?

Hi,

I have been asked to specify and quote on upgrading and migrating a Windows 2003 TS, which I think is also a DC, to a new Windows 2008 TS: The environment currently has dumb terminals and the Users have a Desktop RDP icon to log onto the TS.

I have very little experience with TS but I have been reading that running TS on a DC is not recommended because of obvious security implications. This being the case, if the TS is going to be the only server in the environment, is a DC really necessary? The TS would also be acting as the file and print server but it would be more than adequately specified to run these services along with 10 User sessions.

The other option would be to introduce a virtualised environment and have a DC and TS on the same host, if this is deemed necessary.

Any assistance and advice would be much appreciated.

Regards,
Gavin
0
Gavin75
Asked:
Gavin75
  • 3
  • 2
1 Solution
 
tsaicoCommented:
If you have a DC already, you can just introduce the new TS as just TS, and leave the current DC as just AD functions, user auth, etc.  Then you can leave DC functions off, and run the two server side by side.  You can also use the older machine for a NAS, quick backups, etc.
As for the virtual, I wouldn't recommend it for your particular situation, just as the HD's will always  be your bottleneck and having two OSes, plus one of them being TS with 10 or so live users, your performance will be mediocre.  The users/owners will be expecting a improvement, and in some cases, they may experience worse performance from their new server compared to the new one.  THough you can do this from a technical point of view and many sites do such a thing.
0
 
Gavin75Author Commented:
Thanks for your comment! The whole point of the project is to migrate all services away from the old server and retire it due to ongoing issues relating to performance and reliability, mainly caused by age, so using it is not an option.

What if I just had the server running as a TS, would this work or is a DC and AD necessary in this environment? Can the TS server just be installed as a standalone server?

I am interested to why you don't think a virtual environment will work: The server will have 36Gb RAM, and 2 x Quad Core processors and if going virtual, I would have dedicated mirrored SAS drives for Vmware and 4 x SAS drives with Raid 10 configuration for VM's. Don't you think this would do the job? Admittedly, I have never run TS as a VM, so have no experience here.

Regards,
Gavin
0
 
tsaicoCommented:
It will work.  I just don't think you will have the same performance gains as you would think.  Processing wise and memory wise, you are more than golden.  The problem is always your hard drives.  Generally when I have production virtual servers, they are in SAN configurations.  The virtual idea will work just fine, in fact, it would be fairly easy to convert your existing machine (assuming your issues are hardware related, not OS issues), set up an esxi machine, run it in there, then simply add the new TS server.  It is just when the different users are doing their thing, your bottle neck is the hard drives.  So while your deployment will be probably faster, the end user experience will not improve much.  

From a ROI standpoint, your finance guy will generally always want to know what did he gain by buying the new server.  If you want, you can just build it anyway, test it out, and perhaps your users are not as drive hungry as mine often are.  If the prelim tests turn out good, then you can just transfer the data and go live, and you are done, if it isn't as much as you had hoped, then you can easily scrap it and install in a standard manner.  
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
kevinhsiehCommented:
I would rather operate in a domain environment over a workgroup environment. The virtualization penalty isn't that big for IO, so I would virtualize first, run remote desktop on the DC second, and do workgroup mode as a last resort.
0
 
Gavin75Author Commented:
Hi,

I seem to have two contrasting opinions from a virtualisation perspective, which makes it hard to decide without first running a test environment. I would agree that a domain is far better than a workgroup environment and would extend controls over the configuration of the terminals and potentially other computers being added to the network and this is my preference.

I have not had a definitive answer yet on the question to whether TS will work effectively on a workgroup rather than domain environment? I'm presuming it will work, with all User access controlled by local user accounts on the TS, although, there are obvious negatives to this from a User and Computer control perspective on the network, seamless sharing of resources and complicating the addition of future servers?

Regards,
Gavin
0
 
tsaicoCommented:
Yes, a TS will work as workgroup.  The only problem is you will have to use the TS local users MMC to control your user names and passwords.  You are partially incorrect in that it will limit your control over them, as you can set just about all the policies from the Machine policy and default user profile as you can from AD, you are correct in that it will greatly complicate your life down the road when it comes to adding new servers/replacing it, as you will have to re-do all the security, user names, passwords, etc.  You also run into the problem of having users not understand the local credentials vs the TS credentials, where if they were to change their password on one, the other is not changed vs and AD envrionment, where they are one and the same.

As for the contrasting opinions, just give the virtualization a try, since you are building a new machine on new hardware, it can be set up in a day, played with the next, and then either kept and turned to production or re-formmatted and installed in the traditional manner, not a lot of lost time or productivity.  You know your users best, as well as the apps they use, so it would be all guesswork on out part at this point.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now