Solved

Active Directory setup - Best Location for DB, Log and SYSVOL

Posted on 2011-09-21
23
3,768 Views
Last Modified: 2012-05-12
Hi,
I'm setting up a Windows 2008 server. Not much experience and someone else will be checking what I do, but I wanted to try and get it right before.

I'm setting up AD DS, and I'm on the screen where it asks for "Location for Database, Log Files and SYSVOL".

I have read the guide but I just wanted the direct opinion for my circumstance.

This will be the only server in the network.

C Drive- RAID1 300GB total
D Drive = RAID 5 = 5 1.6TB total available.

Server has defaulted the following locations:

Database Folder:
C:\Windows\NTDS

Log Files Folder:
C:\Windows\NTDS

SYSVOL folder:
C:\Windows\SYSVOL

But also recommends that the database and log files are on separate volumes. I've been reading the help guide but am a bit confused as to what I should do.

In my scenario, what is recommended.

Many thanks in advance
0
Comment
Question by:afflik1923
  • 9
  • 5
  • 3
  • +3
23 Comments
 
LVL 6

Accepted Solution

by:
JRaster earned 125 total points
Comment Utility
In a single server environment, personally I would just leave the defaults.  
Make sure you do good backups.  

0
 
LVL 95

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 125 total points
Comment Utility
In small environments (any environment where you're in a position to ask this question) I strongly recommend leaving the AD databases on the C: drive.
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 125 total points
Comment Utility
I'd probably put them on the D drive just in case space somehow fills up on C but either way should be fine

Good post about this from the Microsoft AD team    http://blogs.technet.com/b/askds/archive/2010/10/29/friday-mail-sack-not-particularly-terrifying-edition.aspx#adperf

...also read the comments.

Thanks

Mike
0
 

Author Comment

by:afflik1923
Comment Utility
OK Thanks for input. If I wanted to change them after install, is this easy? Where do I look to change this - in the registry or via gui?
0
 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
Yes you just use ntdsutil to move them   http://support.microsoft.com/kb/816120

Thanks

Mike
0
 

Author Comment

by:afflik1923
Comment Utility
Thanks. That posting you post from technet

http://blogs.technet.com/b/askds/archive/2010/10/29/friday-mail-sack-not-particularly-terrifying-edition.aspx#adperf

Is that therefore someone from MS who made this blog. IT seems funny that they give advice on the install (splite the locations to different volumes) however common practise and advice even from MS staff is to ignore.
Strange logic.
Thanks all for input.
0
 
LVL 37

Expert Comment

by:Neil Russell
Comment Utility
WOW!!
Thats some drive space! For an AD server?

What else are you intending to run on this server? Be carfull before you plan on installing anything else... Like exchange!!
0
 

Author Comment

by:afflik1923
Comment Utility
It will be a file and application server as well. IT wont be running exchange. But it will be the only server available and they ran out of space on their old one, so wanted plenty of space available for this one.
0
 
LVL 37

Expert Comment

by:Neil Russell
Comment Utility
From a security point of view you are breaking lots and lots of rules adding those roles to an ADDS server!!

Is the server not powerful enough to use VMWare/Hyper-V on and virtulise the environment?
0
 
LVL 37

Expert Comment

by:Neil Russell
Comment Utility
Not to mention the Risk of loss!
0
 

Author Comment

by:afflik1923
Comment Utility
Yes, but the impression I got from previous research is that many companies with a single server end up doing this.
Why is it such a risk and does not they Hyper-V option introduce extra costs?
0
Want to promote your upcoming event?

Are you going to an event? Are you going to be exhibiting at a tradeshow? Talking at a conference? Using a promotional banner in your email signature ensures that your organization’s most important contacts stay in the know and can potentially spread the word about the event.

 

Author Comment

by:afflik1923
Comment Utility
Also why is there an increased risk of loss.
0
 
LVL 6

Expert Comment

by:JRaster
Comment Utility
I would assume Risk of Loss in this situation is refering to putting all your eggs in one basket.  

The more services you put on one server, the more that is loss when there is downtime.  
I understand you have a RAID setup, but even those can fail sometimes.  

I like the free ESXI for server virutalization.  You can even get online training course from VMWare that will get you started on all the in's and outs of setup and running a virutal server for not much money.  (I think it was $50 when I did it).  
This still puts all your eggs in one basket based on your hardware, but you can easily seperate OS's going virtual.  Even have two DC's and Exhange server on one server.  
0
 

Author Comment

by:afflik1923
Comment Utility
Note there will be no Exchange server in this network.
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 125 total points
Comment Utility
Leave the files for AD in the default locations. If you had 20,000 or more computers and users moving the file might be useful, but not for a small environment such as yours, and it would complicate things without having any upside benefits. I wouldn't worry about making it a file server too. You should have a good recovery plan in place should something happen to the server. It is generally preferred to have a second domain controller, but if your recovery plan is good enough, and you don't have a complicated AD in terms of a large number of users, groups, and computers, you can recreate your domain from scratch if necessary.  
0
 

Author Comment

by:afflik1923
Comment Utility
OK sounds good. WE have no more then 15 users. So should be straight forward.
0
 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
Yeah 15 users either way is good.  Even with 15 users I'd try to put two DCs up.  The second DC doesn't have to be anything fancy....just there in case the first box has some hardware issue.  Second box is for DR/CYA purposes.

Thanks

Mike
0
 

Author Comment

by:afflik1923
Comment Utility
But that means I would need another box with a Windows server licence right?
0
 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
Yes, it is a difficult thing but think with one DC and that has a catostrophic hardware failure,  it means definite downtime for users.

A second one and users should not even notice.  Think of it as an insurance policy.

Thanks

Mike
0
 
LVL 42

Expert Comment

by:kevinhsieh
Comment Utility
How usefull is a second DC if the file server isn't available?
0
 
LVL 6

Expert Comment

by:JRaster
Comment Utility
The second DC will still allow them to authenticate incase username and passwords are not cached.
If they never move workstations, the second DC would not do much other than have a copy of the Domain settings.  This would save rebuild time.  
Also, the second DC could be a place to restore files too incase of file server failure.  
0
 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
Also if DNS is being used on the DCs then the second box is also a DNS server.  Could also look into DFS replication.
0
 

Author Closing Comment

by:afflik1923
Comment Utility
Thanks for all the input
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now