Domain Structure Design
Posted on 2012-03-28
Good day everyone. I have a very general question that I have been contemplating in the company I work for.
We currently have an online application (constructed of ASP.NET and C Sharp) which runs on IIS 6 and links to a MS SQL 2005 server database for querying purposes only. No input is made through the online application. Only used for reporting purposes. This application is on a Windows 2008 R2 Server.
We also currently use SQL database to manage all of the accounts that log in to the application.
We currently also have Windows 2008 R2 server that acts as our fileserver. Finally have a Windows 2003 Server as our DC.
We are looking at bringing all of this up to standards as we carry sensitive data that must meet HIPPA and FERPA requirements.
We are looking at hosting all of this to Rackspace and setting all of this in one server with three VM environments. One for DC (AD), another for SQL, and third for IIS. We would like to use AD in our new environment to handle all logon credentials.
Questions are as follows:
1) Would AD be adequate to manage accounts for something like this when most of our users are external, and we have about 1500 accounts but only about 350 active users (bad user management) that login to the online application only?
2) Would we need a failover server with all three VMs mirrored as disaster recovery since Rackspace offers 2 hour turnaround on disaster recovery?
3) Could we place our DC and AD on Rackspace and be able to authenticate our computers to it from our office (for the employees only)?
4) Finally, would it be smart to have a secondary DC in a hosted environment such as this?
Please let me know any thoughts or opinions aside from these questions as this is a venture I would like to proceed with, if viable.