Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Active Directory setup - Best Location for DB, Log and SYSVOL

Posted on 2011-09-21
23
4,234 Views
Last Modified: 2012-05-12
Hi,
I'm setting up a Windows 2008 server. Not much experience and someone else will be checking what I do, but I wanted to try and get it right before.

I'm setting up AD DS, and I'm on the screen where it asks for "Location for Database, Log Files and SYSVOL".

I have read the guide but I just wanted the direct opinion for my circumstance.

This will be the only server in the network.

C Drive- RAID1 300GB total
D Drive = RAID 5 = 5 1.6TB total available.

Server has defaulted the following locations:

Database Folder:
C:\Windows\NTDS

Log Files Folder:
C:\Windows\NTDS

SYSVOL folder:
C:\Windows\SYSVOL

But also recommends that the database and log files are on separate volumes. I've been reading the help guide but am a bit confused as to what I should do.

In my scenario, what is recommended.

Many thanks in advance
0
Comment
Question by:afflik1923
  • 9
  • 5
  • 3
  • +3
23 Comments
 
LVL 6

Accepted Solution

by:
JRaster earned 125 total points
ID: 36576817
In a single server environment, personally I would just leave the defaults.  
Make sure you do good backups.  

0
 
LVL 95

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 125 total points
ID: 36576838
In small environments (any environment where you're in a position to ask this question) I strongly recommend leaving the AD databases on the C: drive.
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 125 total points
ID: 36576843
I'd probably put them on the D drive just in case space somehow fills up on C but either way should be fine

Good post about this from the Microsoft AD team    http://blogs.technet.com/b/askds/archive/2010/10/29/friday-mail-sack-not-particularly-terrifying-edition.aspx#adperf

...also read the comments.

Thanks

Mike
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 

Author Comment

by:afflik1923
ID: 36576864
OK Thanks for input. If I wanted to change them after install, is this easy? Where do I look to change this - in the registry or via gui?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36576896
Yes you just use ntdsutil to move them   http://support.microsoft.com/kb/816120

Thanks

Mike
0
 

Author Comment

by:afflik1923
ID: 36576934
Thanks. That posting you post from technet

http://blogs.technet.com/b/askds/archive/2010/10/29/friday-mail-sack-not-particularly-terrifying-edition.aspx#adperf

Is that therefore someone from MS who made this blog. IT seems funny that they give advice on the install (splite the locations to different volumes) however common practise and advice even from MS staff is to ignore.
Strange logic.
Thanks all for input.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36577089
WOW!!
Thats some drive space! For an AD server?

What else are you intending to run on this server? Be carfull before you plan on installing anything else... Like exchange!!
0
 

Author Comment

by:afflik1923
ID: 36577163
It will be a file and application server as well. IT wont be running exchange. But it will be the only server available and they ran out of space on their old one, so wanted plenty of space available for this one.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36577241
From a security point of view you are breaking lots and lots of rules adding those roles to an ADDS server!!

Is the server not powerful enough to use VMWare/Hyper-V on and virtulise the environment?
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36577244
Not to mention the Risk of loss!
0
 

Author Comment

by:afflik1923
ID: 36577349
Yes, but the impression I got from previous research is that many companies with a single server end up doing this.
Why is it such a risk and does not they Hyper-V option introduce extra costs?
0
 

Author Comment

by:afflik1923
ID: 36577352
Also why is there an increased risk of loss.
0
 
LVL 6

Expert Comment

by:JRaster
ID: 36577379
I would assume Risk of Loss in this situation is refering to putting all your eggs in one basket.  

The more services you put on one server, the more that is loss when there is downtime.  
I understand you have a RAID setup, but even those can fail sometimes.  

I like the free ESXI for server virutalization.  You can even get online training course from VMWare that will get you started on all the in's and outs of setup and running a virutal server for not much money.  (I think it was $50 when I did it).  
This still puts all your eggs in one basket based on your hardware, but you can easily seperate OS's going virtual.  Even have two DC's and Exhange server on one server.  
0
 

Author Comment

by:afflik1923
ID: 36577693
Note there will be no Exchange server in this network.
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 125 total points
ID: 36578818
Leave the files for AD in the default locations. If you had 20,000 or more computers and users moving the file might be useful, but not for a small environment such as yours, and it would complicate things without having any upside benefits. I wouldn't worry about making it a file server too. You should have a good recovery plan in place should something happen to the server. It is generally preferred to have a second domain controller, but if your recovery plan is good enough, and you don't have a complicated AD in terms of a large number of users, groups, and computers, you can recreate your domain from scratch if necessary.  
0
 

Author Comment

by:afflik1923
ID: 36580021
OK sounds good. WE have no more then 15 users. So should be straight forward.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36580665
Yeah 15 users either way is good.  Even with 15 users I'd try to put two DCs up.  The second DC doesn't have to be anything fancy....just there in case the first box has some hardware issue.  Second box is for DR/CYA purposes.

Thanks

Mike
0
 

Author Comment

by:afflik1923
ID: 36581200
But that means I would need another box with a Windows server licence right?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36581234
Yes, it is a difficult thing but think with one DC and that has a catostrophic hardware failure,  it means definite downtime for users.

A second one and users should not even notice.  Think of it as an insurance policy.

Thanks

Mike
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 36581830
How usefull is a second DC if the file server isn't available?
0
 
LVL 6

Expert Comment

by:JRaster
ID: 36581850
The second DC will still allow them to authenticate incase username and passwords are not cached.
If they never move workstations, the second DC would not do much other than have a copy of the Domain settings.  This would save rebuild time.  
Also, the second DC could be a place to restore files too incase of file server failure.  
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36581897
Also if DNS is being used on the DCs then the second box is also a DNS server.  Could also look into DFS replication.
0
 

Author Closing Comment

by:afflik1923
ID: 36930316
Thanks for all the input
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question