
How many Domain Controllers???


hande

IS-IT--Management
Aug 1, 2002
I am setting up some new offices with a maximum of 30 users. We are going to have four servers. Seems a lot; however, here is the reason behind it. One dedicated server for each of the following:

1. Exchange Server 2003
2. SQL Server 2000
3. SQL Server 2000 Fail Over Server
4. 1TB Fileserver running Wins, DHCP, Print Services

Question is, how many domain controllers should I have? They will all be running Windows 2003 Server and I would like to have at least two domain controllers on the network. Should the fourth server be a domain controller, and the Exchange Server (i.e. servers 1 & 4), and the others act as member servers? Also, do I really need two DNS servers?

Thanks in advance


Hande
 
Failover is life saving...

My recommendation is any "mission" critical aspect of your company should have some kind of failover. If your DNS server crashes on you, how does that affect your users' ability to work (not only in web surfing but in identifying servers and the like)?

My suggestion is to make one of your servers (or purchase a fifth, lower end server) your backup DNS, DHCP, WINS, and BDC.

This way, in the event of a failure at any one point of failure your users will still have a way to resolve names, obtain IPs, and continue working (minus whatever system failed). This buys you time, peace of mind, and credibility to build these offices more and more in the manner that you choose to.
 
Thanks for your advice, so I should have two domain controllers then. I'll make the Exchange server a domain controller and the Fileserver. Are you saying I should have two WINS / DHCP servers as well?

Also, the other two servers would be just member servers?

Thanks again

Hande
 
I would say yes, perhaps some wiser heads than mine may disagree. But I've found that having "instant" failover for mission critical systems (where possible) saves a lot of trouble, time, and headaches.
 
You have plenty of servers.
Make 4 the FSMO with DNS, DHCP, WINS etc. set up.
Make 2 or 3 a DC with DNS, DHCP, WINS etc.
You need two servers with DNS, DHCP, and WINS, or the point of a second DC is rather muted in case the FSMO fails.

Basically the second DC is set up the same as the FSMO. Keep all the roles on the FSMO, which MUST be backed up, including the system state.

The SQL server should be the fastest, with fast SCSI disks, hardware RAID. The 1 TB should be a fast CPU server, SCSI, hardware RAID. 15K rpm disks will speed up SQL.
Windows plays around with the file caching on the volume which has the NTDS.dit file, but not with most hardware RAID adapters, as the RAID adapters' drivers do not allow Windows to take over. The Exchange server should be a member server, not a DC; the server for replication could be a DC or member.

With 30 users, AD will not affect performance, at least from my benchmarks on my RAID hardware equipped dual processor, 2 Gig RAM test server. The services running will not affect the SQL speed. Mind you, hardware RAID adapters relieve the CPU from I/O utilization, so without a hardware RAID the results might be different. On both DCs, especially the SQL server, 2 Gig RAM is a minimum. Single processor servers will be quite sufficient. I would not purchase the absolute fastest servers, as the price differences for the absolute newest CPUs are absurd; drop back to the CPU speed which was the fastest a few months back, you would notice the speed difference. I generally get Xeon processors with standard cache; the processors with the higher end cache amounts are very expensive, plus show very minimal performance gains (rip off). For a fast RAID adapter, the LSI Logic u320-2x or the Intel SRCU42X (same OEM from LSI) along with a mobo with PCI-X at 133 MHz bus. Battery backup units are important for all four servers. I purchased refurbished units for all installs, I never buy new.

At a couple of clients, I have Supermicro mobos at 3 GHz, single CPU, 200 Gig LSI Logic u320-2 u320 RAID 5, 2 Gig RAM, servers running SQL, Veritas BackupExec, Adaware Pro, RAID software, Executive Software's Undelete and Diskeeper, Norton CE 8.6, Great Plains Dynamics/SQL, DNS, DHCP, WINS. Speed is fine, servers are super stable, clients are quite happy. The ultimate SQL server would have RAID 10, but expensive.

Instant failover may be hard to achieve. In a workgroup setup, I had DoubleTake from NSI Software for failover servers, which worked very well. With AD involved, this is a different story. Replication of data should not be a problem, just check that whatever software you use can replicate SQL.

Would be nice to have all the servers at 2003, as AD has a few features not obtainable with a mix, but nothing that important. I figure you already have a couple of 2000 licenses. Be more tempted to use Server 2003 on the FSMO, slightly more stable, a bit faster, more toys.
 
The route I would take for that one would be this.

Since Exchange is finicky ;) I wouldn't run anything else on it, just let it be your Exchange server.

Turn your Fileshare into the DC and services server as you started to do.

Since the SQL failover is essentially your support server, I would turn that into the backup controller. Worst case if SQL crashes it rolls to failover, if your Fileshare crashes, rolls to failover as well.

I'm not the most experienced person in that regard, but from experience, I would never do it on your Exchange server, as we had a problem with that in my current company.
 
Thanks for your comments. I have never set up multiple DHCP servers or WINS servers before, is it straightforward? If so, how? Also, should the non-DC machines be member servers, and is it straightforward to add them to the domain?

Thanks once again

Hande
 
Just install DHCP - don't activate it. And just run WINS on the server - no problems.

Point users to the fastest and use the other as the backup.
 
You should set up two scopes in DHCP. That way, both DHCP servers are always functional. We split our scope in half and have one server cover handing out lower number addresses and the other handing out higher number addresses.
 
Thanks again everyone for your replies. Just two last things:
Tmckeown, re DHCP scopes, what range do you currently use? I used to have two sites and had two ranges, 192.168.98.* and 192.168.97.*. Should I put the servers in a fixed group such as 192.168.98.1 through to, say, 192.168.98.20, then split the rest of the range in half between the two DHCP servers? Bearing in mind we will have a maximum of 30 PCs and approx 100 remote sites (with three PCs at each).

Also, if I have two domain controllers, would the other servers be configured as member servers to that domain? I am sure they would be, it's just I have never used Windows 2003 Server before and have several books, but it's nice to have confirmation from a techie.

Many Thanks everyone for your help

Hande
 
Yes, they all should be member servers to your Domain.

However, keep in mind that if you have 330 PCs you'll need at least one additional subnet configured.
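
Added example, not part of any post in this thread: a Python sketch of the split-scope plan discussed above, using the 192.168.98.0/24 range with the first 20 host addresses held back for servers. The function names, and the assumption that all 330 PCs would draw leases from the same scope, are illustrative only.

```python
import ipaddress

def split_scope(network, reserved_hosts):
    """Split the DHCP pool of `network` in half between two servers.

    The first `reserved_hosts` usable addresses are kept out of the pool
    for statically addressed servers. Returns two (first, last) ranges
    that do not overlap, one per DHCP server.
    """
    net = ipaddress.ip_network(network)
    pool = list(net.hosts())[reserved_hosts:]
    if len(pool) < 2:
        raise ValueError("not enough addresses left to split")
    mid = len(pool) // 2
    return (pool[0], pool[mid - 1]), (pool[mid], pool[-1])

def pool_size(rng):
    """Number of addresses in an inclusive (first, last) range."""
    return int(rng[1]) - int(rng[0]) + 1

def survives_single_failure(clients, network, reserved_hosts):
    """True if either half alone can lease an address to every client."""
    a, b = split_scope(network, reserved_hosts)
    return min(pool_size(a), pool_size(b)) >= clients

def subnets_needed(clients, network, reserved_hosts):
    """Subnets of this size needed to address `clients` hosts at all."""
    net = ipaddress.ip_network(network)
    usable = net.num_addresses - 2 - reserved_hosts  # minus network/broadcast
    return -(-clients // usable)  # ceiling division

if __name__ == "__main__":
    low, high = split_scope("192.168.98.0/24", 20)
    print("server A leases", low[0], "to", low[1], "=", pool_size(low))
    print("server B leases", high[0], "to", high[1], "=", pool_size(high))
    for clients in (30, 330):
        print(clients, "clients:",
              "one server alone is enough" if
              survives_single_failure(clients, "192.168.98.0/24", 20)
              else "one server alone is NOT enough;",
              subnets_needed(clients, "192.168.98.0/24", 20), "subnet(s)")
```

With 30 clients either half of the pool can carry the whole office if the other DHCP server is down; at 330 clients a single /24 cannot even address them, which is the point of the last reply.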
 