Solved

Distributing Server 2008 R2 Roles and Features

Posted on 2013-02-04
7
380 Views
Last Modified: 2013-02-06
I have searched through many books, articles, and the knowledgebase here without finding a viable solution to my problem. The issue I'm having is with deciding what roles and features can be or should be combined together on one Server 2008 R2 installation. For example, I know that if I install DNS, GC, and AD on one server, it should not have any other roles or features installed. Also, I have SQL 2012 on a dedicated server and will not install any other roles on this server. I ran into my issue when considering the Remote Desktop role. I need to have the RD Session Host on one server and the applications I'm planning to distribute installed on the same server. But where should I install the RD Gateway, RD Licensing, and other RD roles? Should they each go on their own separate installation of 2008 R2, or would it be okay to combine these features (and possibly other features) together on one server? I am migrating from SBS2011 because of issues with too many roles and certain roles interfering with others (even though they shouldn't with SBS). Here is a list of everything I need to implement:

Active Directory Certificate Services
Active Directory Domain Services
DHCP Server
DNS Server
Print and Document Services
Remote Desktop Services w/ 1 RemoteApp Application
Web Server (IIS) (for RDS, Exchange, etc.)
SQL 2012
Exchange 2010
VSI-FAX Server
and possibly a few other smaller things I may have forgotten to list. I have two physical servers. They will both be running VMs with Hyper-V and I want to have one as a failover.
0
Comment
Question by:steven_theck
  • 4
  • 3
7 Comments
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 38854140
You are basically talking about the placement of Roles/Applications.

Isn't it perfect to balance the Role installations based on how much your hardware can survive?

And also you might need to look at Microsoft Support policy for applications running on Hyper-V.

Thanks!
Sys
0
 

Author Comment

by:steven_theck
ID: 38856289
Thanks for the reply Sys. You are correct that the role installations should be balanced, however there are certain roles that should not or can not be installed together. As I stated in the original post, I shouldn't install any other roles on the DNS/AD/GC server. I guess I'm wanting some advice on the best balance of the applications/roles/features I listed. I don't want to have one role per VM as I don't have the hardware resources for that. But maybe over a span of 4-6 VMs (it would probably be closer to 6 since I will have 1 for DNS/AD/GC, 1 for SQL 2012, 1 for Exchange 2010, 1 for RDS and remote applications).

Will any of the roles/features/applications I listed conflict with one another and cannot be installed together? And what roles need to be split between multiple servers (as I stated, I'm not sure if RD Session Host, RD Gateway, and RD Licensing can/should all be on the same server).

I searched for MS support policies concerning applications running in Hyper-V, and all I found was a list of MS applications and whether they can run in a VM or not, which all of the applications I'm running can run inside a VM.
0
 
LVL 35

Assisted Solution

by:Nirmal Sharma
Nirmal Sharma earned 500 total points
ID: 38857982
>>>Will any of the roles/features/applications I listed conflict with one another and cannot be installed together?

To best of my knowledge, Not at all! Roles and features have been designed in such a way that they use their own DLLs or modules to start. So no conflict.

>>>And what roles need to be split between multiple servers (as I stated, I'm not sure if RD Session Host, RD Gateway, and RD Licensing can/should all be on the same server).

It completely depends on your requirement (scaling up, High availability, etc). Technically, all the roles can be on same machine.

How many users you want to put on TS VM? I recommend putting GW role into the internal network and not in the DMZ because it requires AD.

Sys
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:steven_theck
ID: 38858060
To start, there will be less than 20 users connecting however that could potentially increase soon, so I would like to have the potential for around 50 users without any strain. By the information you have provided, does this sound like a good configuration?

Server 1
Active Directory
DNS
GC
possibly DHCP?

Server 2
SQL 2012

Server 3
Exchange 2010
Web Server (IIS) (for Exchange only)

Server 4
Remote Desktop Services
Applications for RemoteApp
Web Server (IIS) (for RDS only)
Print and Document Services
VSI-FAX Server
0
 
LVL 35

Accepted Solution

by:
Nirmal Sharma earned 500 total points
ID: 38858101
Looks good except DHCP:

"When the DHCP Server service is installed on a domain controller, configuring the DHCP server with the credentials of the dedicated user account will prevent the server from inheriting, and possibly misusing, the power of the domain controller"

http://technet.microsoft.com/en-us/library/cc787034.aspx

-----
Sys.
0
 

Author Closing Comment

by:steven_theck
ID: 38858405
Thanks for all of your help Sys! I believe I will just make a 5th VM for DHCP and if I need any other roles later on, I can add them onto the DHCP server.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 38858524
Sure - glad I could help you!

Yes, adding anything on top of DHCP have no issues!

Thanks!
Sys
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been working as System Administrators since 2003. I recently started working as a FreeLancer and was amazed to find out that very few people are taking full advantage of their Windows Server Machines. Microsoft Windows Server comes with so…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question