Setting up a small network

[David Yowell]

I am setting up a new Windows network that contains 1 domain in 1
forest with:
25 workstations running either Win2K and XP Pro
2 Windows Server 2003 Standard Edition, with 1 running Exchange 2003

I want to run two domain controllers to provide Active Directory fault
tolerance. Should I make both domain controllers Global Catalog
Servers?

If both are GCs, will this significantly increase replication traffic
with this small of a network?

If only one is a GC, will the other domain controller process logons
if the GC is down for maintenance?

If only one is a GC, is enough of the AD replicated to both DCs to
provide true fault tolerance? (i.e., if the GC crashed, could I
promote the other DC to a GC role and keep running with all of the AD
intact?)

Thank you for your attention,
David Y.

 

[kilo]

I would not make them both GC.

 

[Herb Martin]

I am setting up a new Windows network that contains 1 domain in 1
forest with:
25 workstations running either Win2K and XP Pro
2 Windows Server 2003 Standard Edition, with 1 running Exchange 2003

I want to run two domain controllers to provide Active Directory fault
tolerance. Should I make both domain controllers Global Catalog
Servers?

Yes, with single domains, there is zero penalty for having all DCs
be GCs since each DC already holds the entire accounts database.

The issue for GCs is when you have several (or more) large domains.
Each GC must hold some of the info for every object in the Forest,
so in a forests of 100,000s of users with multiple domains you put
a significant burden on each GC (not excessive probably but
significant) and increase the replication burden.

If both are GCs, will this significantly increase replication traffic
with this small of a network?

Nope. It's insignifcant if at all.

If only one is a GC, will the other domain controller process logons
if the GC is down for maintenance?

Nope. If you are in native mode you will fail logins unless both are
GCs (or with 2003 you do universal group cachine.) Go with GCs.

Universal Group Caching is for those large forests with some small
sites (at the end of WAN lines) which don't need ALL that GC
info at every site but still want their logons to work in native mode.

If only one is a GC, is enough of the AD replicated to both DCs to
provide true fault tolerance? (i.e., if the GC crashed, could I
promote the other DC to a GC role and keep running with all of the AD
intact?)

Yes. But just make them both GCs anyway.

 

[Enkidu]

Why not? I would. There is no extra replication load and if one goes
down you still have a GC.

Cheers,

Cliff

(MVP)

 

[Cary Shultz [A.D. MVP]]

Cliff,

I agree. There is little chance that any network for which I am responsible
would not have two DCs with both of them being GCs as well ( assuming that
they have multiple servers - as David does! ).

Redundancy is a wonderful thing.

And I might even try to get a third server in here on which to run Exchange
2003. But that might be pushing it in an environment with 25 users! If he
buys properly it could be done, though.

Get two of those 1U systems from IBM or HP ( the x305 or x306 series for the
DCs and possibly the x345 Series for the Exchange Server from IBM / the
DL140/DL320 Series for the DCs and possibly the DL380 for the Exchange
Server from HP ).

Also, let's throw out that Small Business Server 2003 is out and looks
pretty impressive! David could get a bit of a beefier Sever and run
everything on that. But then there goes the Redundancy!

Anyway, he has several choices.

Cary

 

[David Yowell]

Thank you all for the advise. I spent an hour reading the newgroups
before posting, but almost all the discussions seem to be about larger
multi-domain, multi-site networks.

David Y.

 

[Herb Martin]

Thank you all for the advise. I spent an hour reading the newgroups
before posting, but almost all the discussions seem to be about larger
multi-domain, multi-site networks.

Glad to help.

Your reading of the newsgroups doesn't jibe with mine,
certainly the twenty or so I answer each day.

Most are from people with one domain, a few from people
with 2-3 domains.

Most of the domains are under 100 users.