Solved

Active Directory setup - Best Location for DB, Log and SYSVOL

Posted on 2011-09-21
23
3,953 Views
Last Modified: 2012-05-12
Hi,
I'm setting up a Windows 2008 server. Not much experience and someone else will be checking what I do, but I wanted to try and get it right before.

I'm setting up AD DS, and I'm on the screen where it asks for "Location for Database, Log Files and SYSVOL".

I have read the guide but I just wanted the direct opinion for my circumstance.

This will be the only server in the network.

C Drive- RAID1 300GB total
D Drive = RAID 5 = 5 1.6TB total available.

Server has defaulted the following locations:

Database Folder:
C:\Windows\NTDS

Log Files Folder:
C:\Windows\NTDS

SYSVOL folder:
C:\Windows\SYSVOL

But also recommends that the database and log files are on separate volumes. I've been reading the help guide but am a bit confused as to what I should do.

In my scenario, what is recommended.

Many thanks in advance
0
Comment
Question by:afflik1923
  • 9
  • 5
  • 3
  • +3
23 Comments
 
LVL 6

Accepted Solution

by:
JRaster earned 125 total points
ID: 36576817
In a single server environment, personally I would just leave the defaults.  
Make sure you do good backups.  

0
 
LVL 95

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 125 total points
ID: 36576838
In small environments (any environment where you're in a position to ask this question) I strongly recommend leaving the AD databases on the C: drive.
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 125 total points
ID: 36576843
I'd probably put them on the D drive just in case space somehow fills up on C but either way should be fine

Good post about this from the Microsoft AD team    http://blogs.technet.com/b/askds/archive/2010/10/29/friday-mail-sack-not-particularly-terrifying-edition.aspx#adperf

...also read the comments.

Thanks

Mike
0
 

Author Comment

by:afflik1923
ID: 36576864
OK Thanks for input. If I wanted to change them after install, is this easy? Where do I look to change this - in the registry or via gui?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36576896
Yes you just use ntdsutil to move them   http://support.microsoft.com/kb/816120

Thanks

Mike
0
 

Author Comment

by:afflik1923
ID: 36576934
Thanks. That posting you post from technet

http://blogs.technet.com/b/askds/archive/2010/10/29/friday-mail-sack-not-particularly-terrifying-edition.aspx#adperf

Is that therefore someone from MS who made this blog. IT seems funny that they give advice on the install (splite the locations to different volumes) however common practise and advice even from MS staff is to ignore.
Strange logic.
Thanks all for input.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36577089
WOW!!
Thats some drive space! For an AD server?

What else are you intending to run on this server? Be carfull before you plan on installing anything else... Like exchange!!
0
 

Author Comment

by:afflik1923
ID: 36577163
It will be a file and application server as well. IT wont be running exchange. But it will be the only server available and they ran out of space on their old one, so wanted plenty of space available for this one.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36577241
From a security point of view you are breaking lots and lots of rules adding those roles to an ADDS server!!

Is the server not powerful enough to use VMWare/Hyper-V on and virtulise the environment?
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36577244
Not to mention the Risk of loss!
0
 

Author Comment

by:afflik1923
ID: 36577349
Yes, but the impression I got from previous research is that many companies with a single server end up doing this.
Why is it such a risk and does not they Hyper-V option introduce extra costs?
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:afflik1923
ID: 36577352
Also why is there an increased risk of loss.
0
 
LVL 6

Expert Comment

by:JRaster
ID: 36577379
I would assume Risk of Loss in this situation is refering to putting all your eggs in one basket.  

The more services you put on one server, the more that is loss when there is downtime.  
I understand you have a RAID setup, but even those can fail sometimes.  

I like the free ESXI for server virutalization.  You can even get online training course from VMWare that will get you started on all the in's and outs of setup and running a virutal server for not much money.  (I think it was $50 when I did it).  
This still puts all your eggs in one basket based on your hardware, but you can easily seperate OS's going virtual.  Even have two DC's and Exhange server on one server.  
0
 

Author Comment

by:afflik1923
ID: 36577693
Note there will be no Exchange server in this network.
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 125 total points
ID: 36578818
Leave the files for AD in the default locations. If you had 20,000 or more computers and users moving the file might be useful, but not for a small environment such as yours, and it would complicate things without having any upside benefits. I wouldn't worry about making it a file server too. You should have a good recovery plan in place should something happen to the server. It is generally preferred to have a second domain controller, but if your recovery plan is good enough, and you don't have a complicated AD in terms of a large number of users, groups, and computers, you can recreate your domain from scratch if necessary.  
0
 

Author Comment

by:afflik1923
ID: 36580021
OK sounds good. WE have no more then 15 users. So should be straight forward.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36580665
Yeah 15 users either way is good.  Even with 15 users I'd try to put two DCs up.  The second DC doesn't have to be anything fancy....just there in case the first box has some hardware issue.  Second box is for DR/CYA purposes.

Thanks

Mike
0
 

Author Comment

by:afflik1923
ID: 36581200
But that means I would need another box with a Windows server licence right?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36581234
Yes, it is a difficult thing but think with one DC and that has a catostrophic hardware failure,  it means definite downtime for users.

A second one and users should not even notice.  Think of it as an insurance policy.

Thanks

Mike
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 36581830
How usefull is a second DC if the file server isn't available?
0
 
LVL 6

Expert Comment

by:JRaster
ID: 36581850
The second DC will still allow them to authenticate incase username and passwords are not cached.
If they never move workstations, the second DC would not do much other than have a copy of the Domain settings.  This would save rebuild time.  
Also, the second DC could be a place to restore files too incase of file server failure.  
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36581897
Also if DNS is being used on the DCs then the second box is also a DNS server.  Could also look into DFS replication.
0
 

Author Closing Comment

by:afflik1923
ID: 36930316
Thanks for all the input
0

Featured Post

Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now