[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 302
  • Last Modified:

Windows Small Business Server 2008

Am I right to understand that in Win SBS 2008, the operation master roles are all held by the sbs server and cannot be seized?  Let me give you an example of what I mean...Consider that in a network there are 3 servers.

Server 1 – Small Business Server 2008
Server2 – Windows Server 2003 (Domain controller, DNS)
Server3 – Windows Server 2003 (Domain Controller, DNS)

Server 2 and Server 3 can have no barring on the continuity of the network because none of the FSMO roles can be seized from the Small Business Server should it fail.  When restoring the network, the most crucial server is server 1 and therefore must have the most protection.  It’s fair to say that having the other servers as domain controllers may allow people to log on but for the network to function long term, server 1 has to be restored.   I am thinking this in terms of the RID master and so on

Having the Windows Server 2003 machines acting as backup domain controllers and DNS servers is actually restricting the functionality of the domain as the functional level is at win server 2003.  

Thanks for your input
0
cmatchett
Asked:
cmatchett
1 Solution
 
Krzysztof PytkoActive Directory EngineerCommented:
Yes, that's right! SBS server must be a forest root Domain Controller with all of 5 FSMO roles. If you move any of them to another DC, your SBS will be rebooting itself regurarly. So, that's true that SBS is "the most important" server in your environment. But remember, doing backups of each server (especially DCs) is very importantant!

If you do not use any special role of SBS (like Exchange, SQL aso.) you can seize FSMO roles to another Domain Controller in your network freely. But remember, you won't be able then restoring it from backup and join network. After FSMO roles seizing, previous server must be completely reinstalled. SBS is for small to medium organizations and has limitations because of that.

Do regurarly system state backups of your SBS and other DCs, backup their content and until your hardware would be OK, you will be always able to restore them.

Seizing FSMO roles is the last option and should be only used when hardware cannot be repaired and System State Backup cannot be restored.

Regards,
Krzysztof
0
 
cmatchettAuthor Commented:
super...thanks a bunch!
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now