Solved

DC and RAS - Do they mix well?

Posted on 2013-01-22
3
527 Views
Last Modified: 2013-01-26
Hello all,

I am planning on standing up a new BDC and I was wondering if it can also be a VPN server.  We'll be only using PPTP, no certificates or anything complex on this one.

The plan is to make it a BDC, DNS and VPN.

If you have any articles about MS Best Practices, even better.

Thank you!
0
Comment
Question by:IDMA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 23

Accepted Solution

by:
Ayman Bakr earned 130 total points
ID: 38808367
For what it's worth, since Windows 2000 there is no more BDC concept. All DCs are on the same stance and work together, however there will be only one of them in the domain holding the PDC emulator role.

It is strongly unadvisable to have DC with DNS and RRAS on one server. Multi-homed DCs tend to cause a lot of issue with DNS. It is best to have your RRAS on a member server. See this article:

http://itknowledgeexchange.techtarget.com/windows-admin-tips-tricks/do-not-setup-rras-on-a-dc-i-repeat-dont-do-this/
0
 
LVL 23

Assisted Solution

by:yo_bee
yo_bee earned 70 total points
ID: 38808379
To answer you question they all work fine together, but if you have a large user environment I would recommend to separate the RASS and DC role.  It sounds like you have a small environment so you should be fine

I have this link for how to set one up:
http://technet.microsoft.com/en-us/network/bb545655
0
 

Author Closing Comment

by:IDMA
ID: 38822658
Thanks for the comments, guys.  We decided to go ahead and stand up two separate servers just to avoid any future issues.
0

Featured Post

Are You Ransomware's Next Victim?

Worried about ransomware attacks hitting your organization?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with WatchGuard Total Security!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question