Re: Site Server Requirements.



So with;
Each site that has a Major Business function that requires 5 nines of
availability must be able to operate independently; if the WAN link is
unavailable (about 60 % of the sites fall into this category). (Local MS
Authenticated application must still work.... Exchange...etc)

Your requirements are driving much of the design. Certainly one server per
site is essential to meet your business needs.
I didn't comprehend what the second server per site was for, nor see any
empty root domain requirements.

Undoubtedly your consulting company will work with you to make budgetary
adjustments particularly with the smaller and less critical sites.

When I was consulting for a major hardware vendor it wasn't unusual to bring
in an independent for a design review. For our large fixed price projects I
usually brought in a Microsoft Consulting Services resource for validation
and peer review. If you have a TAM, check with them. You might have a
freebie design review available already.


--
/kj
"Paul" <someone@xxxxxxxxxxxxx> wrote in message
news:e6bocuCSGHA.1576@xxxxxxxxxxxxxxxxxxxxxxx
Yes, The consulting company does sell hardware.... This is part of the
problem I have getting an honest opinion regarding hardware specs.

The design Requirements:

The domain controllers being deployed will NOT be used for anything but
DC,DNS,DHCP,WINS. Existing NT 2000 File & print servers at each location
will not be touched. (Except for what is required to move them from the NT
4 Resource domain to the Active Directory domain.)

Design considerations:

Each site that has a Major Business function that requires 5 nines of
availability must be able to operate independently; if the WAN link is
unavailable (about 60 % of the sites fall into this category). (Local MS
Authenticated application must still work.... Exchange...etc)

The likelihood of a WAN failure is low. (not zero -- probably 2 failures
per year of 30 min duration on a worst case average. 3 of the sites have
two independent paths to the WAN being the most critical to the business.
[recently installed])

The remainder of the sites are remote sites that do not have critical
components that rely on Active Directory, which means if the WAN were to
fail only remote resources at other offices would not be available. (these
sites use NT Workgroups for critical server authentication and will not be
changing the method of authentication once AD is deployed.)

Existing Site Details:
All sites have their own exchange Server, File Servers, and Misc. Business
Critical Servers. (Existing NT 4.0 Domain controllers have DHCP, WINS, DNS
which will be upgraded to Active Directory)
Most of the centrally shared applications don't rely on any MS
authentication. (Finance system uses Dumb Terminal Technology (telnet)
with UNIX Authentication From a Green Screen)
One centrally shared application does rely on MS AD Authentication, but if
the WAN Fails no-one will be able to access it even if they had a local AD
server....No WAN no Access....

.......

I agree with your idea of the multi site spec, (Small Medium Large)!!



"kj" <kj@xxxxxxxxxxx> wrote in message
news:u%23LKwx$RGHA.1948@xxxxxxxxxxxxxxxxxxxxxxx
So does your consulting company also sell hardware? ;-)

While it seems rather excessive from the information you've presented, in
all fairness, the design and performance criteria you gave them going in
may be reasonable factors for such recommendations.

So, what were the design requirements?

Critiquing the design;

First, why the empty root domain? With the understanding of the "Forest
Security boundary" instead of the "domain security boundary" most reasons
for any empty root are gone.

Why the two servers at each site? Is one an Infrastructure server
(DC,DNS,DHCP,WINS) and the other File/Print/Application server or what?
Two servers for 5 users is huge overkill. But did your requirements drive
the design to that end?

Many of the diverse multi-site designs I have done spec'ed server
hardware in two or three tiers (small site, medium site, large site). It
is important to have standardization and growth capacity in servers. Many
times the small and medium sites have the greatest growth percentage.

--
/kj
"Paul" <someone@xxxxxxxxxxxxx> wrote in message
news:%23R1P8d$RGHA.5780@xxxxxxxxxxxxxxxxxxxxxxx
I have a problem that needs some expert advice.

My company is planning on deploying Active Directory. Our current
network consists of NT 4.0 domain controllers with a single master
account domain and 18 resource domain controllers. (approx 3100
users/workstations)

We hired a consulting company to help plan our upgrade. The consulting
company came back and recommended that we should have a single forest
domain model ( consists of a COMPANY.root domain and a COMPANY.local
domain where the accounts and machine objects go.).

Because my company has multiple regional offices the consulting firm
recommended that we place 2 domain controllers in each remote location
to provide for fault tolerance of the active directory infrastructure.
(each remote office is connected to the WAN with a 10 Meg connection.
Head office connection of course is > 80 meg. This all runs under a
SONET WAN Network)

The number of Workstations/users per location is highlighted in the
following list: (We have a total of 3094 users/workstation )


Location A 5
Location B 1396 (HEAD OFFICE)
Location C 10
Location D 85
Location E 115
Location F 72
Location G 110
Location H 12
Location I 81
Location J 47
Location K 65
Location L 14
Location M 71
Location N 13
Location O 134
Location P 8
Location Q 14
Location R 842

Grand Total 3094

So here is the problem. The consulting company is recommending the
following specs for all the locations: (same server Model/config
everywhere)

Each Location would have 2 (TWO) servers with the following
configuration:

Processor:         Xeon 2.8 GHz
# of Processors:   2
L2 Cache:          1024K
Memory:            2 GB
Disks:             6

Array 1
  Tolerance:       RAID 1
  Available:       73 GB
  Logical Drives:  C: Operating System, 36 GB
                   D: AD Log, 36 GB

Array 2
  Tolerance:       RAID 5
  Available:       146 GB
  Logical Drives:  E: AD Database, SYSVOL

Spare Drive:       Hot Spare, 1 x 73 GB

This amounts to 12K of server hardware per location!!! (~6K per box not
counting the cost for software)
36 Servers (216,000 K) in servers

So my problem here is.... I believe the consulting company is over
spec'ing the hardware for most of my sites.
I don't know what a good configuration spec is for some of these
sites....but this seems very excessive for MOST of the locations.
I could see needing better equipment for my sites that approach 1000
users/machines..... But do I really need two dual processor 2.8Gig Xeon
systems per site???

Considering my NT 4.0 domain is running on Pentium Pro CPUs and seems
hardly utilized. Is AD that much more CPU intensive??? Is AD this much
more Fragile to operate that it requires all this redundancy??? Or do I
need to find a better consulting company????

Help








