Announcement

Collapse
No announcement yet.

Active directory redundancy design

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Active directory redundancy design

    Dear all,

    We have 2 domain controllers in our office one acting as primary and the other additional domain controller we installed for redundancy. Yesterday our primary domain controller wont boot up due to memory issue and thats when we realized that the additional domain controller isnt serving logon request thereby destroying the whole purpose of redundant design.
    We discovered that he additional AD server was not GC enabled and hence was unable to serve logon request.

    I need some advice on whether its recommended to enable Global Catalogue on the additional AD server as well. I was told that enabling GC on both the domain controllers will have some performance issues on the server.

    Is there any other way to accomplish redundancy apart from enabling GC and Universal caching?

  • #2
    Re: Active directory redundancy design

    Make both DC's a GC and a DNS server and you should be done.
    Universal Group Caching is useful when you have a small branch office for example.

    The impact of making both a GC is not that high. There is a bit more replication traffic, but on a LAN you wouldn't notice it...
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: Active directory redundancy design

      Originally posted by Dumber View Post
      Make both DC's a GC and a DNS server and you should be done.
      Agreed. Don't forget though that any services that are exclusively hosted on the 'PDC' will be unavailable while that server is down. While you probably won't notice the lack of FSMO roles if the downtime is brief, chances are you would notice the lack of DHCP.
      Gareth Howells

      BSc (Hons), MBCS, MCP, MCDST, ICCE

      Any advice is given in good faith and without warranty.

      Please give reputation points if somebody has helped you.

      "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

      "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

      Comment


      • #4
        Re: Active directory redundancy design

        Thanks for the suggestion. This is our domain setup. Two root domain controllers --xyz.com followed by child domain with 2 domain controllers eg ho.xyz.com in A location and another child domain with 2 domain controllers eg br.xyz.com in location B.
        So you can see that for each child domain we have redundant domain controllers. Will it be appropriate to enable global catalogue on all child domain controllers ie ho.xyz.com and br.xyz.com?

        Comment


        • #5
          Re: Active directory redundancy design

          It would be advisable to make each DC a GC and DNS server.
          Gareth Howells

          BSc (Hons), MBCS, MCP, MCDST, ICCE

          Any advice is given in good faith and without warranty.

          Please give reputation points if somebody has helped you.

          "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

          "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

          Comment

          Working...
          X