[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Windows 2012 Server Domain Controller & DNS

Posted on 2013-11-14
6
Medium Priority
?
390 Views
Last Modified: 2014-03-01
I need help to ensure I am setting the servers correctly.

I have 5 servers and they are all in the same forest and root domain.

mydomain.com

There servers are setup in the following configuration:

Servers:

1) server001.mydomain.com:  Main Domain Controller and DNS Server / FILE SERVER
2) server002.mydomain.com:  Secondary Domain Controller and DNS Server / Extra Web Server.

They are both domain controllers and they are syncing and mirroring the DNS and Active Directory.

The other servers: 3,4 and 5.

They all have specific roles. I know the exchange and share team servers need a but more than just a member server requires.

But I setting up the servers.

They have been named and setup and are at the point of being added to the domain.

Do I need to make all of them domain controllers.  I know this use to be taboo because of all the unnecessary networking talking it would cause between servers.

However, Many of the updated info on Windows 2012 Servers.

I added server 003 which is going to be the web server / help desk server.
I added the DNS as a secondary so it would be syncing with the domain controllers but I do what the DNS to be self-reliant so if they domain controllers go down etc..

Especially for the exchange server which must have active directory access and DNS.

The other serves will do as follows:

3) server003.mydomain.com:  Web Server IIS 8.0
4) server004.mydomain.com:  Exchange Server 2013
5) server005.mydomain.com:  Share Team Server 2013

Ideas, thoughts and information will be greatly appreciated.  Thanks.
0
Comment
Question by:Clint Jones
6 Comments
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 668 total points
ID: 39650078
No don't make them all DCs just having 1 and 2 as DCs is fine.   The other 3 servers can point to the AD boxes for DNS.   I'm assuming they will all be in the same AD site.

Make both DCs global catalogs too.

Thanks


Mike
0
 

Author Comment

by:Clint Jones
ID: 39650158
Yes they are all in the same domain and forest infrastructure.

When you say - "point to AD boxes for DNS".

It is more than just the IP addresses of the other DB and servers in the DNS setting of the NIC cards.  

I am adding them to the Domain which works but the DNS I have to setup as primary DNS for each server 3, 4 and 5 if I do secondary so it updates the DC's but I guessing that is not what I want to accomplish.  DC DNS is of course adding the other servers as they are added to the domain to its DNS and AD so is that all needs to be done or ???

Need a more step by step understanding.  Thank You...
0
 
LVL 15

Assisted Solution

by:Skyler Kincaid
Skyler Kincaid earned 664 total points
ID: 39650247
You last question is really confusing...

You should have the DNS role installed on both DCs. You should have the other three servers set with static IPs and the DNS should be set with the primary of DC1 and the secondary set as DC2. It is that simple.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 668 total points
ID: 39650277
In general it is recommended that at least two DCs in a domain for high availablity and fault tolerance, but how many DCs at each site will depend on your requirement. Normally one DC at each site can serve thousands of users with regard to authentication. To me it's OK with 2 DCs in your scenario.There is no need to make other member server as DNS/DC server.

You can read MS article and the previous discussion:

Domain controllers # Determining the number of domain controllers you need
http://technet.microsoft.com/en-us/library/cc759623(v=WS.10).aspx

How many domain controllers are recommended
http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/991d4f68-5178-4c9a-8b7d-8f2b5f53867e

Hope this helps
0
 

Author Comment

by:Clint Jones
ID: 39657132
The DNS is what I am needing help with the most and doing research on....

The 2 main DNS are the 2 Domain Controllers. With the Exchange Server and the Share Team server. That when I make user name and permissions.  

When I add the other servers to the Domain Controllers.  I add them as a member server but I have to have DNS setup on those servers to add the "A" records on the Web Server IIS and with exchange 2013 on that server the "A" and "MX" records..

So I am just added the new servers, added as a member to the domain...

Making the DNS when setting it up as a PRIMARY DNS... I thought maybe secondary so its sending and a copy of itself to the MAIN DNS Servers on the 2 domain controllers.

I tried secondary and it fails if I try to add...

Thanks for your help....
0
 

Author Closing Comment

by:Clint Jones
ID: 39897703
Thanks to everyone that gave input =)
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question