Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Active Directory setup - Best Location for DB, Log and SYSVOL

Posted on 2011-09-21
23
Medium Priority
?
5,343 Views
Last Modified: 2012-05-12
Hi,
I'm setting up a Windows 2008 server. Not much experience and someone else will be checking what I do, but I wanted to try and get it right before.

I'm setting up AD DS, and I'm on the screen where it asks for "Location for Database, Log Files and SYSVOL".

I have read the guide but I just wanted the direct opinion for my circumstance.

This will be the only server in the network.

C Drive- RAID1 300GB total
D Drive = RAID 5 = 5 1.6TB total available.

Server has defaulted the following locations:

Database Folder:
C:\Windows\NTDS

Log Files Folder:
C:\Windows\NTDS

SYSVOL folder:
C:\Windows\SYSVOL

But also recommends that the database and log files are on separate volumes. I've been reading the help guide but am a bit confused as to what I should do.

In my scenario, what is recommended.

Many thanks in advance
0
Comment
Question by:afflik1923
  • 9
  • 5
  • 3
  • +3
23 Comments
 
LVL 6

Accepted Solution

by:
JRaster earned 500 total points
ID: 36576817
In a single server environment, personally I would just leave the defaults.  
Make sure you do good backups.  

0
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 500 total points
ID: 36576838
In small environments (any environment where you're in a position to ask this question) I strongly recommend leaving the AD databases on the C: drive.
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 500 total points
ID: 36576843
I'd probably put them on the D drive just in case space somehow fills up on C but either way should be fine

Good post about this from the Microsoft AD team    http://blogs.technet.com/b/askds/archive/2010/10/29/friday-mail-sack-not-particularly-terrifying-edition.aspx#adperf

...also read the comments.

Thanks

Mike
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 

Author Comment

by:afflik1923
ID: 36576864
OK Thanks for input. If I wanted to change them after install, is this easy? Where do I look to change this - in the registry or via gui?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36576896
Yes you just use ntdsutil to move them   http://support.microsoft.com/kb/816120

Thanks

Mike
0
 

Author Comment

by:afflik1923
ID: 36576934
Thanks. That posting you post from technet

http://blogs.technet.com/b/askds/archive/2010/10/29/friday-mail-sack-not-particularly-terrifying-edition.aspx#adperf

Is that therefore someone from MS who made this blog. IT seems funny that they give advice on the install (splite the locations to different volumes) however common practise and advice even from MS staff is to ignore.
Strange logic.
Thanks all for input.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36577089
WOW!!
Thats some drive space! For an AD server?

What else are you intending to run on this server? Be carfull before you plan on installing anything else... Like exchange!!
0
 

Author Comment

by:afflik1923
ID: 36577163
It will be a file and application server as well. IT wont be running exchange. But it will be the only server available and they ran out of space on their old one, so wanted plenty of space available for this one.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36577241
From a security point of view you are breaking lots and lots of rules adding those roles to an ADDS server!!

Is the server not powerful enough to use VMWare/Hyper-V on and virtulise the environment?
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36577244
Not to mention the Risk of loss!
0
 

Author Comment

by:afflik1923
ID: 36577349
Yes, but the impression I got from previous research is that many companies with a single server end up doing this.
Why is it such a risk and does not they Hyper-V option introduce extra costs?
0
 

Author Comment

by:afflik1923
ID: 36577352
Also why is there an increased risk of loss.
0
 
LVL 6

Expert Comment

by:JRaster
ID: 36577379
I would assume Risk of Loss in this situation is refering to putting all your eggs in one basket.  

The more services you put on one server, the more that is loss when there is downtime.  
I understand you have a RAID setup, but even those can fail sometimes.  

I like the free ESXI for server virutalization.  You can even get online training course from VMWare that will get you started on all the in's and outs of setup and running a virutal server for not much money.  (I think it was $50 when I did it).  
This still puts all your eggs in one basket based on your hardware, but you can easily seperate OS's going virtual.  Even have two DC's and Exhange server on one server.  
0
 

Author Comment

by:afflik1923
ID: 36577693
Note there will be no Exchange server in this network.
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 500 total points
ID: 36578818
Leave the files for AD in the default locations. If you had 20,000 or more computers and users moving the file might be useful, but not for a small environment such as yours, and it would complicate things without having any upside benefits. I wouldn't worry about making it a file server too. You should have a good recovery plan in place should something happen to the server. It is generally preferred to have a second domain controller, but if your recovery plan is good enough, and you don't have a complicated AD in terms of a large number of users, groups, and computers, you can recreate your domain from scratch if necessary.  
0
 

Author Comment

by:afflik1923
ID: 36580021
OK sounds good. WE have no more then 15 users. So should be straight forward.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36580665
Yeah 15 users either way is good.  Even with 15 users I'd try to put two DCs up.  The second DC doesn't have to be anything fancy....just there in case the first box has some hardware issue.  Second box is for DR/CYA purposes.

Thanks

Mike
0
 

Author Comment

by:afflik1923
ID: 36581200
But that means I would need another box with a Windows server licence right?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36581234
Yes, it is a difficult thing but think with one DC and that has a catostrophic hardware failure,  it means definite downtime for users.

A second one and users should not even notice.  Think of it as an insurance policy.

Thanks

Mike
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 36581830
How usefull is a second DC if the file server isn't available?
0
 
LVL 6

Expert Comment

by:JRaster
ID: 36581850
The second DC will still allow them to authenticate incase username and passwords are not cached.
If they never move workstations, the second DC would not do much other than have a copy of the Domain settings.  This would save rebuild time.  
Also, the second DC could be a place to restore files too incase of file server failure.  
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36581897
Also if DNS is being used on the DCs then the second box is also a DNS server.  Could also look into DFS replication.
0
 

Author Closing Comment

by:afflik1923
ID: 36930316
Thanks for all the input
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question