Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

AD on Fileserver?

Posted on 2013-01-18
3
Medium Priority
?
230 Views
Last Modified: 2013-01-23
Hi All,
We've got a medium sized domain (approx 200 users) and already have 2 AD servers on Win2008R2.  However, both are virtuals.  I'd like to add a physical DC into the mix.

The problem is, the only machine I have on hand is a 2U with a ton of HDD space.  We also need a new fileserver.  So my question is, how bad an idea is it to run both the DC and fileserver roles on the same server?

Your input is greatly appreciated.

P.S. I do have one other, 1U, less powerful system on hand, but it only has one power supply.  I figured that's not what I want to put our only physical DC on.
0
Comment
Question by:Schandor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 400 total points
ID: 38794111
So the issue comes in is what if you have to do maintenance to files, and have to take the server down (AD goes dows).

What if your file server admin (if separate) needs access to the system.  Having said that I have personally been at places where a DC/File server were combined.  That is going away a bit these days but sometimes it was also done for economic reasons...just not a best practice.

The one with the one power supply would work fine.   If it goes down you still have those two other DCs.

Thanks

Mike
0
 
LVL 11

Assisted Solution

by:BillBondo
BillBondo earned 200 total points
ID: 38794168
Since you have 2 DC, I see no problems adding a 3rd combined w/ file services.
0
 
LVL 18

Assisted Solution

by:Sarang Tinguria
Sarang Tinguria earned 400 total points
ID: 38796836
I would have preffered to use a good config desktop or a low config server class machine rather putting it on a file server
DC makes significant changes to tighten the security on itself if you are using other roles too along with DC then you are compromising the security of you DC environment

I said Using desktop is because DC role will not need a great performing machine coz uless PDC role holder only authentication and GP processing are generaly done by DC ..there are other process too but that can be processed by a Good desktop (I3 or equivalent processor 2 or 3GB's of RAM)

In nowadays you may also configure RAID and mirroring on desktop for redundancy
Still of desktop crashes you may recover AD as you already have two more desktops
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question