Announcement

Collapse
No announcement yet.

Active Directory, 2 Domain Controllers, SAN Storage and Folder Redirection

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Active Directory, 2 Domain Controllers, SAN Storage and Folder Redirection

    Greeting's, I'm provided with:

    1. Windows Server 2012 R2 Standard Edition.
    2. SAN block storage (EMC VNXe 1600) with FC connectivity.
    3. Blade servers (Dell M630 within M1000e chassis) with FC switch. Each server has 2 Xeon V3 processors totalling 32 cores and 64 GB DDR4 RAM.

    I need to implement active directory with 2 domain controllers and folder redirection for all users (user count is at 250 and will reach 1000 in due course). Folder redirection will be used for all customizable folders.

    Problem / Question:

    A LUN created on SAN storage can only be mounted on one server (Domain controller). Mounting single LUN on multiple servers will corrupt the LUN.

    Folder redirection will require ACLs to keep user data secure (ACLs are mentioned here: (https://technet.microsoft.com/en-us/...v=ws.11).aspx). I see that these are NTFS ACLs.

    Given the above constraints (hardware / software / requirements). How best can I implement 2 DCs with folder redirection? I have one extra server which I can use.

    I have got certain recommendations such as creating a filer server but I'm unaware if the I/O will be acceptable in case where DC's are constantly asking a file server to read, write user data?

    What would be the best way to go about implementing folder redirection in this case?

  • #2
    Install Hyper-V on your blade servers, configure your storage as shared storage and bobs your uncle you have what you require to install 2 DCs.

    My personal preference would be to move your file storage away from your DC's onto its own server.

    Comment


    • #3
      Ditto re separate file storage, and consider DFS if you need HA / Synchronisation
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Will folder redirection work? I am sorry but I am unable to grasp how storage allocation will work (LUN distribution). Also since i have a third blade handy, should i configure that as storage server? Will the I/O be acceptable for 500 users on LAN with their files on the SAN / storage server? We have 8 Gbps FC from Servers to SAN connection and 1 Gbps between machines to server.

        Comment


        • #5
          If configured correctly Folder Redirection will work.

          Not sure if the IO will be enough.

          Comment


          • #6
            Does that mean SAN is a bad choice? Would NAS be a more apt solution? What would be best in case where I want to do folder redirection with large storage capacity?

            Comment


            • #7
              I don't know what your IO requirements are but i would preference a SAN over a NAS.

              Maybe you should research the solution you are putting in place to see if it suits the environment you will be working with.

              Comment


              • #8
                In general IOPS are more important than FC speed, so knowing what drives are in your SAN would help, as would your file requirements - I am sure Dell will have a capacity planner of some sort to help you with what IOPS are required

                Even with 250 to 1000 users, the IO load for the DCs will be less than that required for file services - you log on once, then access lots of files (open, save regularly, close, repeat)
                Tom Jones
                MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                PhD, MSc, FIAP, MIITT
                IT Trainer / Consultant
                Ossian Ltd
                Scotland

                ** Remember to give credit where credit is due and leave reputation points where appropriate **

                Comment


                • #9
                  Agree with Ossian and wullieb1--DCs for authentication, DNS and DHCP, file server for redirects. You can select which profile folders are redirected out of those possible (the named folders under Group Policy is the list), so you may decide that some aren't necessary. I maintain an environment which has 2 DCs and 2 file servers,as well as several web servers, some SQL, and Sharepoint all virtualised and replicated, and we use DFS as well with all possible redirects in use. Our SAN access is on 10Gig iSCSI links, and user base is over 250. No issues.
                  *RicklesP*
                  MSCA (2003/XP), Security+, CCNA

                  ** Remember: credit where credit is due, and reputation points as appropriate **

                  Comment


                  • #10
                    Thank you everyone for your inputs. I will see how best to implement it and leave an answer here. But the fact that it isn't impossible and the hardware I have CAN be used is extremely relieving.

                    Comment

                    Working...
                    X