• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 155
  • Last Modified:

Advice please: 2012 R2 Server, Need to run Active Directory, RDS, and File server on same physical server.

Hello,

I will be configuring a server this week and I want to make sure that i set it up correctly. I have messed with Hyper-V a bit in the past, but i want to make sure I start this setup the correct way. As I understand it, on my new Dell Server with 2012 R2 Standard, I have a license that covers 1 physical installation, and 2 virtual servers.  After researching this setup, it appears that most advise to run only Hyper-V services on the physical installation, and running everything else in Hyper-V virtual servers.

The server is being setup for a small company that will have very basic needs.  I will be running DHCP, DNS, Active Directory, and will be doing file sharing on this server for a couple of programs (one SQL express based), and the other QuickBooks. The other service I will need to run is RDS for one remote user which I plan to do with the Remote App functionality. Can someone please advise how I should set this up so that I will maintain the best functionality overall?

Any help would be greatly appreciated!
0
bscott13
Asked:
bscott13
2 Solutions
 
Chris HInfrastructure ManagerCommented:
I'm just going to say it, NEVER install AD on a box that will be browsing the internet.
0
 
Steve WhitcherSystems AdministratorCommented:
Based on the parameters given, I would create one VM for AD, DNS, and dhcp.  A second VM would be your remoteapp server, and have any user applications installed on it.  The file shares could be created on the domain controller.  I assume your host won't be a domain member, since the only DC will be the VM, which won't be available when the host boots. . .
0
 
Cliff GaliherCommented:
Two VMs. One running ADDS. The other running RDS. As those two roles should never coexist. The file services role could go on either VM. Putting it on the DC increases the threat footprint, but putting it on the RDS server has performance implications. Neither solution is ideal, and which way you go is a personal decision based on the uniqueness of your environment and risk and performance tolerances. There id no correct "do this" answer or even recommendation for that role.
0
 
Alessandro ScafariaInfrastructure Premier Field AdministratorCommented:
Best practice says that in a basic Hyper-V scenario you should have “at least”:

-      1 physical host for your Hyper-v management (I will suggest System Center 2012 R2 Virtual Machine Manager but I don’t know your budget :-) ) with a dedicated NIC for your VMs, another NIC for your (future) shared storage (if you decide to turn on HA features) and another NIC for exclusive management…

-      1 physical host containing your VMs with a Windows Server CORE VERSION (without the GUI) with RSAT tools enabled to reduce “Windows OS impact” to almost zero for your production environment (no restarts for windows updates, less hacking issues, and so on…).

Your management server could be a simple microserver with a discrete CPU/RAM amount…

Your Hyper-V node server instead has to be pushed up talking about Disk IOPs and RAIDs...

For example…I should setup 2 RAID 1 in which I will split up my VMs accordingly…a RAID 1 with fast SAS spindles for “mission critical” apps and another RAID 1 with less fast spindles for FILESERVER and other “less performance” VMs…remember always not to put all the eggs in the same basket :-)

I’m only assuming…

-      1 single VM for AD DS, DNS, DHCP to put inside your FAST SAS RAID (I would suggest to un-deploy DHCP as a Windows role, but to use instead your firewall infrastructure….this because usually it’s rare a firewall crash in comparison with a OS crash :-) ).

-      1 single VM for your FILESERVER (it’s a best practice to separate this role…..) to put inside your SLOW RAID.

-      1 single VM for your “quick deploy” RDS server to put inside your SLOW RAID  (by the way…..to access from the outside to your REMOTE APP infrastructure remember to buy a mandatory ssl certificate, otherwise you will really struggle with configuration!!)

-      1 single VM for your Veeam Backup Server :-) to put inside your FAST SAS RAID (I don’t know how you would protect your Hyper-V infrastructure from damages…)

Let me know your thoughts…obviously this is not the law…it’s only an opinion…

You may re-arrange this scenario according to your “physical budget” :-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now