Diane,
The
Infrastructure Master is responsible for updating references from
objects in its domain to objects in other domains. The way it does this is to
compare its data with that of a GC (which is why it is good practice to always
have a GC available in the same Site).
If through this comparison the Infrastructure Master discovers
out-of-date data then it requests an update from the GC. It then replicates this information to
other DCs in the domain. The
problem with co-locating the two functions is that the GC�s data, through
replication, is always (or nearly always) up to date. This means that the Infrastructure
master will never find out-of-date
data and will therefore never replicate updates to the other DCs in the
domain. In other words the
Infrastructure will not perform its role.
When you install your first Active Directory Domain Controller it is automatically configured as a GC Server. The first DC in the forest is also assigned all five FSMO roles. This would tend to go against the rule of thumb regarding GCs and the Infrastructure Master role. In fact there are two exceptions to the rule. If there is only one domain then the Infrastructure Master has no need update object references to other domains, because there are no other domains. The second exception occurs if all the DCs in a single domain in a multi-domain environment are also GC Servers, as this means they are all up-to-date and have no need of updates from the Infrastructure Master. In these scenarios is doesn�t matter which DC holds the Infrastructure Master role.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ayers, Diane
Sent: Monday, June 03, 2002 5:44 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DC placement in ADIIRC, you need to have one non-GC to support the infrastructure master FSMO role. I've been going be the recommendation the the Infrastructure master should be on a non GC but for a domain of 20 users it might not be an issue.Diane-----Original Message-----
From: Tony Murray [mailto:[EMAIL PROTECTED]]
Sent: Saturday, June 01, 2002 8:55 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] DC placement in ADHi KenPersonally, I wouldn't have a domain with just one DC. This applies especially to the root domain which houses the Enterprise Administrators and Schema Administrators groups. Even with backups a single DC represents an unaccepable risk. Also, in terms of business continuity a single DC per domain is a single point of failure.If you can't afford the luxury of 4 DCs (which for 20 users looks like overkill) I would stay with just one domain. If the company changes name in the future it will not kill you to migrate 20 users.Good idea to make them both GCs.Tony-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ken Rinehart
Sent: Friday, May 31, 2002 11:42 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] DC placement in AD
I have a small office network I've been designing and just need a few "tips" before I go through the actual setup. The company has agreed to buy 2 nice servers to act as DCs for a small office network of 20 people. There is talk of a company name change at somepoint so my thoughts were to do an "empty root" then create my main domain tree that all users will login to. Done. Eventually when the time comes I'd just create a new domain tree with the new company name and move the accounts over. This seem logical?
I guess my question is will 2 DCs be OK for now? I'd just make them both GC servers also. I'm trying to get a better understanding of where to put DCs in the scheme of things. One DC per domain tree or what?
Thanks in advance
Ken-
