
Windows Domain/Application structure?


  • Windows Domain/Application structure?

    Good day everyone. I have a very general question that I have been contemplating in the company I work for.

    We currently have an online application (constructed of ASP.NET and C Sharp) which runs on IIS 6 and links to an MS SQL 2005 server database for querying purposes only. No input is made through the online application. It is only used for reporting purposes. This application is on a Windows 2008 R2 Server.

    We also currently use a SQL database to manage all of the accounts that log in to the application.

    We currently also have a Windows 2008 R2 server that acts as our fileserver. Finally, we have a Windows 2003 Server as our DC.

    We are looking at bringing all of this up to standards as we carry sensitive data that must meet HIPAA and FERPA requirements.

    We are looking at hosting all of this at Rackspace and setting all of this up on one server with three VM environments. One for DC (AD), another for SQL, and a third for IIS. We would like to use AD in our new environment to handle all logon credentials.

    Questions are as follows:

    1) Would AD be adequate to manage accounts for something like this when most of our users are external, and we have about 1500 accounts but only about 350 active users (bad user management) that log in to the online application only?

    2) Would we need a failover server with all three VMs mirrored as disaster recovery, since Rackspace offers a 2 hour turnaround on disaster recovery?

    3) Could we place our DC and AD on Rackspace and be able to authenticate our computers to it from our office (for the employees only)?

    4) Finally, would it be smart to have a secondary DC in a hosted environment such as this?

    Please let me know any thoughts or opinions aside from these questions as this is a venture I would like to proceed with, if viable.

    Thank you

  • #2
    Re: Windows Domain/Application structure?

    One of my solutions is with 2 ESX servers in different rooms/locations and at least 1 physical DC.
    You will have 2 rooms: a production room with 1 ESX server and one physical DC, and a DR room with 1 ESX server and a physical DC + tape library.
    (It is nice to have a physical server for vSphere placed in the DR room.)
    You can replicate the servers (NOT the DC) with Veeam/Double-Take/Marathon.
    Also, you have to back up AD/SQL/etc...

    If the SQL is highly used, it is not recommended to go virtual. (Leave all the servers as they are and replicate the SQL database/file server to a secondary server in a different location, and also a second DC.)

    1 - check last logon and disable unused users;
    2 - depending on what you want ... DR is not backup; if you want DR you need at least a second server
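
The "check last logon and disable unused users" step from reply #2, sketched for the AD environment the original poster plans to move to. This is an added example, not part of any post in the thread; the OU path, the 90-day threshold and the report path are assumptions, and the script only reports unless `-Apply` is passed.

```powershell
# Added example: find enabled user accounts with no recent logon and disable them.
# Assumes the ActiveDirectory module (RSAT) and a DC running AD Web Services.
param(
    # Placeholder OU for the external application users (assumption).
    [string]$SearchBase = 'OU=ExternalUsers,DC=example,DC=local',
    # Assumed threshold. LastLogonDate comes from lastLogonTimestamp, which is
    # replicated with a lag of up to about 14 days, so keep this well above that.
    [int]$InactiveDays = 90,
    [string]$ReportPath = '.\stale-accounts.csv',
    # Without -Apply the script runs in -WhatIf mode and changes nothing.
    [switch]$Apply
)

Import-Module ActiveDirectory

$cutoff = (Get-Date).AddDays(-$InactiveDays)

# Enabled accounts whose last logon is older than the cutoff, plus accounts
# that have never logged on and were created before the cutoff (so freshly
# provisioned accounts are not disabled before their first use).
$stale = Get-ADUser -Filter 'Enabled -eq $true' -SearchBase $SearchBase `
                    -Properties LastLogonDate, whenCreated |
    Where-Object {
        ($_.LastLogonDate -and $_.LastLogonDate -lt $cutoff) -or
        (-not $_.LastLogonDate -and $_.whenCreated -lt $cutoff)
    }

# Keep a record of what was found before touching anything.
$stale |
    Sort-Object LastLogonDate |
    Select-Object SamAccountName, LastLogonDate, whenCreated, DistinguishedName |
    Export-Csv -Path $ReportPath -NoTypeInformation

Write-Host ("{0} enabled accounts inactive for {1}+ days; report written to {2}" -f `
    @($stale).Count, $InactiveDays, $ReportPath)

# Disable rather than delete, and stamp the reason so the change can be
# reviewed and reversed if a user turns out to be legitimate.
$stamp = "Disabled {0:yyyy-MM-dd}: no logon in {1} days" -f (Get-Date), $InactiveDays
foreach ($user in $stale) {
    Set-ADUser       -Identity $user -Description $stamp -WhatIf:(-not $Apply)
    Disable-ADAccount -Identity $user -WhatIf:(-not $Apply)
}
```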


    • #3
      Re: Windows Domain/Application structure?

      Short answer, yes.
      Long answer, yes, but it will take a bit more planning than just an off-the-cuff yes.
      Please do show your appreciation to those who assist you by leaving Rep Point


      • #4
        Re: Windows Domain/Application structure?

        The SQL is not highly used. It is mainly for querying purposes and is static about 95% of the year. We are looking at a production and development environment. The production environment would be hosted at Rackspace and the development environment would be internal. We are not looking at reducing the number of accounts at the moment; we simply want to redesign our infrastructure.

        So you guys would recommend that the DC be a physical box? If so, why?


        • #5
          Re: Windows Domain/Application structure?

          I never specifically said you need a physical DC...
          Please do show your appreciation to those who assist you by leaving Rep Point


          • #6
            Re: Windows Domain/Application structure?

            I was referring to dupicu. I don't feel you have said anything, tehcamel. More insight would be helpful though.

            Thank you


            • #7
              Re: Windows Domain/Application structure?

              There is a general recommendation that at least one DC is physical to avoid the problem that a domain member virtual host boots, then waits for a response from a virtual DC that will not boot itself until the host has fully booted.
              Tom Jones
              MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
              PhD, MSc, FIAP, MIITT
              IT Trainer / Consultant
              Ossian Ltd

              ** Remember to give credit where credit is due and leave reputation points where appropriate **