Solved

What software do you have on your Windows 2012 R2 Domain Controllers

Posted on 2014-10-22
5
176 Views
Last Modified: 2016-10-27
HI All,
I wanted to ask everyone what software do they install as best practice on their DC's. I am building a new 2012 R2 Forest and wanted to see what others have installed on their DC's. Any suggestions and input is appreciated. Some items I can think of include Windows 2012 support tools, Resource Kit, bginfo, vnc???).
0
Comment
Question by:tigran_p
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 40398532
None of the above. I install a monitoring and configuration agent (such as SCOM, SCCM, Kasey) and that's it. I keep DCs sacrosanct.
0
 
LVL 28

Accepted Solution

by:
Dan McFadden earned 500 total points
ID: 40398689
I agree with Cliff.  Install as little as operationally necessary.

Typical for me:
- DPM client (backup)
- SCOM agent (monitoring)
- SCCM agent (updating)
- an AdminTools directory with portable troubleshooting tools (no install required).  eg: sysinternal suite, treesize free, dnslint, AL Tools, a few custom PS scripts, etc.

Period!

Absolutely no need to install 3rd party remote connection services, like VNC.  Use RDP.

You can install the resource kit, RSAT, 2012 support tools, etc... on your workstation.  No need to pollute your DC.

Dan
0
 
LVL 1

Expert Comment

by:Kamran Mallik
ID: 40398796
I agree, DCs should not have any third party apps as best practise. We would install Kaseya agent but that is only because I work for a managed services IT firm supporting third party clients.
0
 
LVL 9

Expert Comment

by:Zacharia Kurian
ID: 40399789
Do not install any other applications on your DC. But you can have some monitoring tools or management tools in your client PC or in a member server. I am using Manage Engine Audit Plus pro, manage engine service desk pro and Specops Gpupdate Pro.

When you choose any Antivirus, better to have Sophos but make sure to read the antivirus exclusion list on microsoft site

http://support.microsoft.com/kb/822158.

When it comes to backup use both windows backup and any other 3rd party backup tools like Symantec system recovery or Acronis. They do have better success rate when you restore to a dis similar hard ware. But to be on the safe side, do have an additional domain controller in your network.
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40399791
the only thing i've ever had running on my domain controllers is nsclient++ for nagios monitoring and sysinternals tools if needed
i keep domain controllers (particularly virtual machines) very lean
build other servers for other applications (exchange, wsus, etc.)
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A clone is a duplicate copy. Sheep have been cloned and maybe someday even people will be cloned, but disk cloning (performed by the hard drive cloning software) is a vital tool used to manage and protect data. Let’s look at what hard drive cloning …
There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

742 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question