Solved

AD on Fileserver?

Posted on 2013-01-18
3
228 Views
Last Modified: 2013-01-23
Hi All,
We've got a medium sized domain (approx 200 users) and already have 2 AD servers on Win2008R2.  However, both are virtuals.  I'd like to add a physical DC into the mix.

The problem is, the only machine I have on hand is a 2U with a ton of HDD space.  We also need a new fileserver.  So my question is, how bad an idea is it to run both the DC and fileserver roles on the same server?

Your input is greatly appreciated.

P.S. I do have one other, 1U, less powerful system on hand, but it only has one power supply.  I figured that's not what I want to put our only physical DC on.
0
Comment
Question by:Schandor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 100 total points
ID: 38794111
So the issue comes in is what if you have to do maintenance to files, and have to take the server down (AD goes dows).

What if your file server admin (if separate) needs access to the system.  Having said that I have personally been at places where a DC/File server were combined.  That is going away a bit these days but sometimes it was also done for economic reasons...just not a best practice.

The one with the one power supply would work fine.   If it goes down you still have those two other DCs.

Thanks

Mike
0
 
LVL 11

Assisted Solution

by:BillBondo
BillBondo earned 50 total points
ID: 38794168
Since you have 2 DC, I see no problems adding a 3rd combined w/ file services.
0
 
LVL 18

Assisted Solution

by:Sarang Tinguria
Sarang Tinguria earned 100 total points
ID: 38796836
I would have preffered to use a good config desktop or a low config server class machine rather putting it on a file server
DC makes significant changes to tighten the security on itself if you are using other roles too along with DC then you are compromising the security of you DC environment

I said Using desktop is because DC role will not need a great performing machine coz uless PDC role holder only authentication and GP processing are generaly done by DC ..there are other process too but that can be processed by a Good desktop (I3 or equivalent processor 2 or 3GB's of RAM)

In nowadays you may also configure RAID and mirroring on desktop for redundancy
Still of desktop crashes you may recover AD as you already have two more desktops
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question