If your only goal is to provide DNS, how about running BIND on a Linux
box? I haven't explicitly done it, but Win DNS does support BIND
secondaries.
There's only 1 drawback with that plan that has bit me in the behind
recently. I had a similar site from which my backup DC was removed
from the budget. I wasn't happy but figured it would be okay with the
cached logins.
Last week the DC went down and all of my Terminal Sessions couldn't
log in. We have repeatedly tested and it's consistent. Research by
one of the guys in my group showed that while you can log onto the
console of a server (and a workstation is in fact the console) RDC and
all other network sessions are not supported with cached credentials.
In other words, you can log onto your workstation, but forget about
getting to a network resource. Is that going to work for you?
As far as hardware costs go, you can use one of my solutions: I run a
virtual DC on a workstation as a backup. This PC happens to be at my
house and runs over a VPN, but obviously it would work better on the
LAN. I did it at home so that I'd have an offsite AD backup.
Of course you still have the server license with which to contend.
Now that I'm thinking...has anyone used Samba recently for DC backup?
As I remember, version 3 and before only supported NT4 auth, but would
that be enough to get to the network resources? Now I'm going to have
to try that. Samba 4 is supposed to be fully AD-integrated whenever
it comes out.
On Oct 1, 2010, at 1:15 PM, Dustin Puryear wrote:
We have a [common] situation where a company has a single site, has
Active Directory, and only has one Domain Controller (DC). We could
bring up a second DC, but there are hardware and licensing costs.
That, and most AD networks that are workstation-heavy can survive
quite well after a DC goes down for a good bit of time. If you
exclude the fact that the DC is also the DNS primary for that network.
Anyone know of a DNS hosting service that is known to play well with
hosting secondary DNS for AD DNS?
And what are your thoughts on this in terms of security? Anyone
using a hosting service to provide secondary DNS capabilities for
internal DNS?
---
Puryear IT, LLC - We see IT differently.
Baton Rouge, LA - 225-706-8414
http://www.puryear-it.com/
_______________________________________________
General mailing list
General@brlug.net
http://mail.brlug.net/mailman/listinfo/general_brlug.net
--
Keith Stokes
_______________________________________________
General mailing list
General@brlug.net
http://mail.brlug.net/mailman/listinfo/general_brlug.net