What software do you have on your Windows 2012 R2 Domain Controllers

HI All,
I wanted to ask everyone what software do they install as best practice on their DC's. I am building a new 2012 R2 Forest and wanted to see what others have installed on their DC's. Any suggestions and input is appreciated. Some items I can think of include Windows 2012 support tools, Resource Kit, bginfo, vnc???).
LVL 1
tigran_pAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cliff GaliherCommented:
None of the above. I install a monitoring and configuration agent (such as SCOM, SCCM, Kasey) and that's it. I keep DCs sacrosanct.
0
Dan McFaddenSystems EngineerCommented:
I agree with Cliff.  Install as little as operationally necessary.

Typical for me:
- DPM client (backup)
- SCOM agent (monitoring)
- SCCM agent (updating)
- an AdminTools directory with portable troubleshooting tools (no install required).  eg: sysinternal suite, treesize free, dnslint, AL Tools, a few custom PS scripts, etc.

Period!

Absolutely no need to install 3rd party remote connection services, like VNC.  Use RDP.

You can install the resource kit, RSAT, 2012 support tools, etc... on your workstation.  No need to pollute your DC.

Dan
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Kamran MallikIT Technical EngineerCommented:
I agree, DCs should not have any third party apps as best practise. We would install Kaseya agent but that is only because I work for a managed services IT firm supporting third party clients.
0
Zacharia KurianAdministrator- Data Center & NetworkCommented:
Do not install any other applications on your DC. But you can have some monitoring tools or management tools in your client PC or in a member server. I am using Manage Engine Audit Plus pro, manage engine service desk pro and Specops Gpupdate Pro.

When you choose any Antivirus, better to have Sophos but make sure to read the antivirus exclusion list on microsoft site

http://support.microsoft.com/kb/822158.

When it comes to backup use both windows backup and any other 3rd party backup tools like Symantec system recovery or Acronis. They do have better success rate when you restore to a dis similar hard ware. But to be on the safe side, do have an additional domain controller in your network.
0
Seth SimmonsSr. Systems AdministratorCommented:
the only thing i've ever had running on my domain controllers is nsclient++ for nagios monitoring and sysinternals tools if needed
i keep domain controllers (particularly virtual machines) very lean
build other servers for other applications (exchange, wsus, etc.)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.