AD Domain Controller as Clustered Resource?

[Guest]

I'm wondering if its possible to install a domain controller as a clustered
resource on a 2000 or 2003 cluster? So as not to be confused I'm not asking
if a node can be a domain controller, I want the domain controller clustered
and be able to fail over in the event of a failure.

The reason I'd like to consider this is that we have some applications that
tie themselves to a domain controller (either coded into the app or whatever
DC responds when the app starts), if that DC goes down it causes an outage.
Management has tasked me to find a way to reduce the possibility of an outage
and we have some W2K Active/Passive clusters that have the spare power to
host domain controllers

 

[Ken B]

Simply having more than one domain controller in the domain is usually
considered a best-practice. As long as the DC's are configured correctly
with DNS and whatnot, then you should be able to have one go down, and will
lose not a lot of functionality without intervention.

Theoretically, depending on the size of your org (sounds large), you may be
able to get away with a 'backup' domain controller (yes, I know there isn't
such a thing in 2000 domains) of sorts for fault tolerance. For instance,
in my domain, we have 3 dc's running... new machine, one 3 years old, and in
a second building we have one dc (in case the network link between buildings
breaks), and that guy is just a little old pentium pro 200 server... i think
it's dually's, with a small raid array, just to hold the AD and virus
scanner.

We could have 2 dc's go off line, and people would be able to still log in
here, and use domain resources.

I don't think clustering is the way to go for your solution.... just a
second (third, fourth, fifth, etc.) dc would do the trick for what you'd
most likely need.

HTH

Ken

 

[Guest]

Yes, I understand that, we have 5 domain controllers locally and a total of
14, so I'm not worried about losing AD info or not having a DC to
authenticate users. As a matter of fact when the idea of clustering was
origionally brought to my attention my sarcastic response was "you want me to
cluster the individual nodes of a fault tolorant system?"

There is a valid issue here though, there are applications that seem to tie
themselves to individual domain controllers. IMO that's just plan lazy or
stupid coding on the part of the developers, but I can't control that end of
it. On one hand my team is working with the server or application owners to
make sure their applications don't react this way, but on the other hand I'm
trying to eliminate whatever possibility of downtime there is. It would not
justify setting up new clusters, but we do have some setup that definetly
have the spare processing power to run a DC.