?
Solved

Active Directory Physical Server DCs

Posted on 2014-03-24
2
Medium Priority
?
345 Views
Last Modified: 2014-05-14
Hello experts, I just want to scope everyone's opinion on this matter. We have over 650 DCs all over the world and they are all physical servers (2003 and 2008 servers)- combo of HP and IBM (predominantly IBM though) and we always have issues with hardware - battery, array controller failed..etc. Is there a better way or technology out there to limit these kind of issues? Any input would be greatly appreciated.
0
Comment
Question by:syseng007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 39951479
how mature is your virtualization platform and what are you using.  When do you plan to start migrating to 2012 DCs.  As you start migrating to 2012 you may want to make many of them virtual if your virtualization platform is stable and doesn't cause you the same headaches.

Note you can also virtualize earlier OS (2008 for example) but there are safeguards in place for 2012 and virtual DCs.

Thanks

Mike
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39951645
When you say 600 physical servers, obviously you must be having hardware issues

Now 650 is not a small quantity

Also these are domain controllers and not an app servers so you cannot place all location domain controllers in one place
What I mean to say, you can consider one physical server at least at all locations where you want to put DC (no matter if its virtual \ physical because you must need server hardware to build DCs)
In virtualized DCs probability of hardware failure is minimized and you can move virtual DC on another physical server in case of failures if you have proper backup of VM etc
But there also you are exposed to issues of hypervisors, that you cannot ignore because after all it is physical server
Also while allocating hardware resources to virtualized DC ensure that you will allocate sufficient hardware to all DCs as I have seen many times that organizations do not care about DC configuration and never provide sufficient \ adequate resources to virtualized DCs causing performance issues
Now in case of 2012 virtual DC, MS has developed some more so that you can clone that DC etc which facility is not available with previous versions

The best way is to minimize Dc count \ foot print as far as possible.
This is possible in case of below
You have hub and spoke network topology
All of your AD integrated applications are deployed at few Hub locations
You have good network bandwidth between sites (Hubs and spoke)
You have single domain single forest or if not you can initiate that project to minimize DC count
In above situation you can uninstall DCs from branches where user count is up to 50 users and you have 1 to 2 Mbps bandwidth between branch and main location since you don't have any application that required GC in local site etc (Ex: Microsoft exchange)
because if link goes down there applications stop working, they can logon to workstations with cached credentials
Also if they have local file servers, you can enable offline files there so that they can access file shares offline
In short do not deploy \ remove domain controllers at branches unless you required it genuinely
For Ex: you have a application at branch that requires local GC etc

Mahesh
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month12 days, 17 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question