Roger D. Seielstad - MTS MCSE MS-MVP
Sr. Systems Administrator
Inovis Inc.
From: Sitton Glen E [mailto:[EMAIL PROTECTED]
Sent: Friday, May 21, 2004 5:19 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] how many domain controllers ?That's they key phrase ... as long as it is up. If a DC were to go down in one physical location, I'm sure the user experience would be less than optimal, but business would be able to continue. Since we're only beginning the mass user migrations, I don't have any real-world experience to back this up. We would rely on our WAN links (which are fairly robust), until we revived the local DC. With 40+ DCs spread across the nation, no one is very far from a neighboring DC. We're rolling out more DCs, but only to locations that don't already have one. It's possible that a convergence of unfortunate events could really hose us up, but I think our existing plan covers any reasonable risk. (And now I'm sure I just jinxed myself).When we migrate to E2K3, we will rollout additional virtualized DCs to match those requirements (rather than relying on the one that was already at the server farm).-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Friday, May 21, 2004 4:00 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] how many domain controllers ?Ah sorry read your post backwards. Valid point. However as long as it was up during the morning logon rush I would still expect it do pretty well.joe
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Coleman, Hunter
Sent: Friday, May 21, 2004 4:15 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] how many domain controllers ?That's two different scenarios, though, yes? One is the DC is down but the WAN is up, the other being the DC is up but the WAN is down. In Glen's layout, I'd be more concerned with the former, as my luck would have the DC dropping at about 7:45 on a Monday morning. Throw in a bit of group policy to jump the startup/login traffic up to a couple hundred Kb, multiply by several hundred eager employees powering up workstations and trying to login....Hunter
From: joe [mailto:[EMAIL PROTECTED]
Sent: Friday, May 21, 2004 1:49 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] how many domain controllers ?As long as there is DNS resolution (say you aren't using a centralized DNS) you should be ok. Domain stuff isn't really heavy unless you have Exchange or something like that beating on it. I have found that WAN site DCs tend to be mostly sleeping.It is fairly easy to test and probably should be, just take an afternoon and disconnect the WAN connection. Consider it a business recovery test which everyone should be doing. Not full disaster recovery but business recovery in case of some major outage like an extended WAN line drop.joe
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Coleman, Hunter
Sent: Friday, May 21, 2004 3:34 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] how many domain controllers ?One thing to consider is what happens to your WAN if the lone DC in a site with several thousand users dies. Maybe it's ok, maybe not. I'm guessing that the user experience will be sub-optimal :-)Hunter
From: Sitton Glen E [mailto:[EMAIL PROTECTED]
Sent: Friday, May 21, 2004 11:08 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] how many domain controllers ?The architecture we have adopted calls for one DC at each WAN-isolated location. Even the sites that have several thousand user accounts only have one DC. The DCs are reasonably beefy quad-proc servers. There are roughly forty WAN locations. And if real-life performance calls for changes, we'll do that when the time comes. Right now, we're only beginning to migrate large numbers of user accounts into the W2K3 AD domain.
We have one empty root domain, and one child production domain. All our DCs are GCs.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of joe
Sent: Friday, May 21, 2004 8:34 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] how many domain controllers ?
For production, never less than two. The max depends on your usage and your WAN configuration and network stability.
If you have heavy usage due to apps like Exchange, you *may* need a couple of more. I think the calculation is one GC CPU per 2 Exchange CPUs or something like that? Though I am never a huge fan of just paper guessing, it may work for 80% of the places and you have one that doesn't fit that model. They don't know what else you are doing.
If you have a WAN configuration with network connectivity that can drop (i.e. isn't guaranteed 100%) and you care about whether they work in a dropped state then you will need at least one per isolated location.
If you have a single domain, make all DCs GCs.
joe
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Mike Maple
Sent: Friday, May 21, 2004 6:28 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] how many domain controllers ?Does anyone have a view about how many servers in a domain should be domain controllers. Should it be all of them - or only a few on each site ?
Mike.
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
