Sure, Roger. Go ahead - split hairs! ;-)
-rtk -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad Sent: Tuesday, March 25, 2003 6:36 AM To: '[EMAIL PROTECTED]' You are correct, but realistically a DDNS setup requires DNS and DCs to coexist, I'd expect that to be the much more likely scenario. -------------------------------------------------------------- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis Inc. > -----Original Message----- > From: Rick Kingslan [mailto:[EMAIL PROTECTED] > Sent: Monday, March 24, 2003 10:34 PM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] What Services/Server's can be combined with > Active Directory. > > > Missy, > > Doesn't this only apply when a DNS is also present on the DC? > Combining the DNS and DHCP services can cause a security issue as you > noted. But, if I combine DC services and DNS services, the compromise > is not possible. Also, if I combine DHCP and DC functionality, I'm > still secure - true? > > Good to have you here! > > Rick Kingslan MCSE, MCSA, MCT > Microsoft MVP - Active Directory > Associate Expert > Expert Zone - www.microsoft.com/windowsxp/expertzone > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Missy > Koslosky > Sent: Monday, March 24, 2003 9:18 PM > To: [EMAIL PROTECTED] > > Glenn, > > I'd want to keep DHCP off my DC's to avoid name hijacking. > See http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q255134 > > Hope all is well with you! > > Missy Koslosky > ----- Original Message ----- > From: "Glenn Corbett" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Saturday, March 22, 2003 5:33 PM > Subject: Re: [ActiveDir] What Services/Server's can be combined with > Active Directory. > > > John, > > The reason why you havent really been able to find a source, is that > the answer is "it depends". > > Depending on the size of your sites, the amount of data, number of > clients, other applications using DC services etc, you can really have > a single server that does DC, GC, DNS, WINS, DHCP, FP. I really > wouldn't worry about putting DHCP on a server by itself, the load is > so small. Out of all of the infrastructure services, DCHP is probably > the smallest load. Client machines get a dhcp address when they > start, and IIRC there are two requests during the lifetime of the IP > address (one halfway though, and one at the end of the lease). So for > a 2 week lease timeout, you have essentially > 3 requests to a DHCP server which is nothing to really worry about. > > I recently did some AD design work where small sites (up to about 30 > uers) had a single server (Dual PIII 2+Ghz) ran all the functions > listed previously, plus Exchange with no real trouble. For larger > sites, my suggestion would be one "infrastructure server" (DC, GC, > WINS, DHCP, DNS), and "application server(s)" (File Print, Exchange > etc). > > As long as you design your AD site topology correctly (so that > replication is optimised, and GC placement is relevant for your > clients), AD can pretty much co-exist with most things, its a question > of network bandwidth and load on the server. Other Databases (like > Exchange, SQL, Oracle) are really the main applications you need to be > careful with when putting on the same server as AD, because they can > cramp each others style (Exchange and SQL on the same box for example > is very touchy). > > If you are thinking or layering other applications onto an AD DC, just > have a read of the requirements. In a lot of cases MS "force" you > down a particular path. For example, SUS (System Update Services), and > MOM (Microsoft Ops Manager) wont run on DC's, so you are forced to put > in an additional server to run these. > > so, as for your original question *grin*, I would have one server that > does the "infrastructure" stuff, and another server for FP. > > Glenn > > > ----- Original Message ----- > From: "John Strongosky" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Saturday, March 22, 2003 11:27 AM > Subject: [ActiveDir] What Services/Server's can be combined with > Active Directory. > > > > In our planning group we are having a discussion on what > > server's/services do we need to combine or can combine for our AD > > deployment. I have looked thru allot of Technote's there is not one > > definitive answer. Can anyone point me to a source or > answer this for me. > > > > We are thinking of combing: DC,dns and gc's on a server, file and > > print > and > > dhcp on another in our sites or DC, dns, gc on a server, file and > > print on > a > > server and dhcp by itself. > > > > > > john > > > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > List info : > http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > List info : > http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
