Announcement

Collapse
No announcement yet.

multiple servers in win SBS2011 domain/active directory

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • multiple servers in win SBS2011 domain/active directory

    gentlemen:

    our company currently has the following servers -

    win2003 SBS server
    1. it provides exchange/email services to users.
    2. it hosts a vertical application used by municipalities.
    3. it hosts all of the company's data/documents.

    win2008 R2 server
    1. it is configured as a member server.
    2. it hosts the latest version of the vertical app currently
    used on the SBS2003 svr.

    the latest version of the vertical app utilizes the users
    network credentials to authenticate to the vertical app.

    the original version of the vertical app provided the capability
    to create a different set of user credentials to access the app.

    our goal with the sbs2003 server is to replace it with -

    a win2011 sbs server with a minimal amount of modules
    and exchange installed. it will ONLY provide exchange services.

    OR

    install a windows2008 R2 server with exchange installed on it.


    install a third server using windows2008 R2 server that will
    house all of the companies documents.

    our goal is to provide was to segment the data/exchange/hosted
    app data that is currently resident on the win2003SBS svr as
    this company's customer base is going to grow from 4,000 customers
    to 20,000 plus clients within the next 18-24 months.

    this particular office will be okay with SBS2011 and a maximum of
    75 users.

    our goal is to INSURE that users can still access the vertical app
    installed on the windows2008 R2 server even if the "lead" DC
    server is down.

    we know that we can convert the windows2008 R2 servers to
    DC servers.

    Q-will the active domain be replicated to a second DC server
    and if the "lead" DC server (let's say that its a SBS2011 svr)
    goes down can users still be authenticated by the secondary
    DC server?

    should we consider making BOTH of the windows2008 R2
    servers secondary DC controllers?

    we have looked at replication several different ways but
    we are just not sure which is the best direction to go with
    this.

    the existing windows2003 SBS server will be shut down
    and all of the data/exchange accounts will be ported to
    the new servers.


    thanks in advance for any assistance you can provide.

  • #2
    Re: multiple servers in win SBS2011 domain/active directory

    To have the redundancy in authentication you can migrate SBS 2011 and add an additional DC by either promoting your existing 2008 R2 server or getting another server. This will depend greatly on the demands of app.

    But having two DC's only addresses part of the reliability. You still have a single point of failure in the one server running the vertical app.

    We really can't tell you which solution to choose without a lot more knowledge of your environment. This is probably a good time to look at getting a consultant to look at your environment, assess your needs, and then make a recommendation.
    Regards,
    Jeremy

    Network Consultant/Engineer
    Baltimore - Washington area and beyond
    www.gma-cpa.com

    Comment


    • #3
      Re: multiple servers in win SBS2011 domain/active directory

      Originally posted by JeremyW View Post
      To have the redundancy in authentication you can migrate SBS 2011 and add an additional DC by either promoting your existing 2008 R2 server or getting another server. This will depend greatly on the demands of app.

      But having two DC's only addresses part of the reliability. You still have a single point of failure in the one server running the vertical app.

      We really can't tell you which solution to choose without a lot more knowledge of your environment. This is probably a good time to look at getting a consultant to look at your environment, assess your needs, and then make a recommendation.
      we realize that its a single point of failure just like the other two servers
      will be that we plan on installing.

      the data on the vertical app server is backed up
      by two different backup tools and we are using sas 15k seagate drives
      with a lsi sas controller configured in a raid 1 array with a supermicro
      I7-based main board.

      the sw developer recommends using a raid 1 versus a raid 5 array
      due to the way their db functions.

      rather than migrate from the sbs2003 to the sbs2011 server,
      we plan on backing up all of the data (its all backed up on a
      daily basis) and perform a new install on a new hardware platform
      for sbs2011, configure it with the active directory, dns etc. then
      promote the other two windows 2008 r2 servers to dc's.

      our main concern is what happens if the sbs2011 server goes down -

      our question was can users still authenticate to the vertical app
      via one of the other win2008 R2 servers that has been promoted
      as a DC?

      thanks

      vdt

      Comment


      • #4
        Re: multiple servers in win SBS2011 domain/active directory

        If one office is approaching the SBS 75 user limit, look at moving away from SBS to proper server + exchange -- I know it is more expensive, but in the long run will be easier to move now than later when everything is at capacity
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: multiple servers in win SBS2011 domain/active directory

          Originally posted by vdt View Post
          our question was can users still authenticate to the vertical app
          via one of the other win2008 R2 servers that has been promoted
          as a DC?

          The short answer is yes. You need to make sure the additional server you promote is also a GC and running DNS. Make sure all member servers and workstations have only the internal DNS servers configured on them and authentication should work fine.
          Regards,
          Jeremy

          Network Consultant/Engineer
          Baltimore - Washington area and beyond
          www.gma-cpa.com

          Comment

          Working...
          X