|
If the OP is doing Domino, Domino has its own clustering
contraption that you can use in lieu of MSCS as I understand it. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Wohlgehagen, Max W Hey folks.... Just
a little confused here ... nodes notes[domino????] Going back to the
original post there is no mention of nodes only Lotus Notes and clustering. I
am sort of wondering what people mean here? What
is meant when each says nodes and what does the poster mean when they say
notes? Seems
to me [and am more than happy to be put back on my box :-) ] seems that the
original poster wants to have mail servers in a DMZ and utilise MS clustering
services to achieve this with the servers? The advice gets a bit confusing but
my interpretation and I am agreeing with this interpretation (can one do that
..??) is that 1
It is OK to create a domain in a DMZ. 2
It is not advisable to make that domain part of a forest that has its source
internal to the DMZ and thus best for it to be its own forest. 3
The DC's in that forest are best not to be nodes within the clustered
servers. 4
It is fine to create a domino or other email server in a cluster. 5
You need a domain and therefore an AD to institute a Cluster. 6
Normal practice applies when creating a domain/forest with respect to FSMOs,
GC, DNS, service accounts, and redundancy. I
am not sure if this covers an internet pages server [IIS??] but that too would
apply as above and could also reside within a cluster depending on what and how
the rest is planned to be put together. If
I have part or all of this wrong I apologise in advance Cheers: Max
Wohlgehagen From: [EMAIL PROTECTED] on
behalf of Brian Desmond Please don’t make the cluster nodes DCs. It’s a really bad setup
and doesn’t always fully work. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Paul Williams If
you take a look at the Windows 2000 clustering training material (I don't have
it handy so my vocabulary will be scetchy) there is a setup where you make the
nodes the DCs for the domain that the cluster resides in. I've never
implemented such a setup though, so can't vouch for it in anyway, other than
saying that it is supported to have a DC or DCs as nodes in a cluster.
What isn't supported is the clustering of AD (we all know why that is a stupid
idea anyway). Personally,
I would add two additional servers to the DMZ as domain controllers for their
own forest, also running as GC and DNS servers. The clusters, and the
notes servers, and any other servers that have service accounts running on
them, can then be members of this domain. You
need to think long and hard before creating any trusts from the DMZ to the
internal (or vice-versa). Again, this is supported and is often used (DMZ
trusts internal) in a number of setups, but the true purpose of a DMZ doesn't
allow such things (from a conceptual perspective --see DMZology presentation by
Fred at TechEd for some good info. on this). --Paul
|
- Re: [ActiveDir] List Attribute Syntaxes? Michael B Allen
- RE: [ActiveDir] List Attribute Syntaxes? joe
- Re: [ActiveDir] List Attribute Syntaxes? Michael B Allen
- Re: [ActiveDir] List Attribute Syntaxe... Michael B Allen
- FW: [ActiveDir] List Attribute Syntaxes? joe
- [ActiveDir] DMZ DOMAIN? adriaoramos
- RE: [ActiveDir] DMZ DOMAIN? Brian Desmond
- Re: [ActiveDir] DMZ DOMAIN? Paul Williams
- RE: [ActiveDir] DMZ DOMAIN? Brian Desmond
- RE: [ActiveDir] DMZ DOMAIN? Wohlgehagen, Max W
- RE: [ActiveDir] DMZ DOMAIN? Brian Desmond
