RE: Need Advice
- From: SEgerton <SEgerton@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 11 Aug 2006 11:42:02 -0700
In Addition, All servers are Windows 2003 Servers.
"SEgerton" wrote:
Im relatively new to Active Directory. I've been posting questions in here.
for the last couple months and things are coming along slowly. Things are
working out well, you guys have been of great help. But before i go too far;
I just want to make sure im running things correctly.
I need advice about my configuration of my Active Directory domain and its
structure. What im in the process of doing is, converting our Novell Network
(that is used only for File and Print share) to Active Directory. Im not
concerned at the moment about the conversion; I've already done test runs on
this and know how to do this. At the same time that im building this new
Active Directory domain, im also setting up a Disaster Recovery Site for this
domain. We have purchased all our equipment and are using VMware ESX software
to build our servers. Our Production site and our Disaster Recovery site are
in different states and are connected by way of a T1. Both networks are also
in different Subnets. We have also purchase NSI Double Take software to
replicated our file server.
This is what i've done so far. I've built two Active Directory Domain
Controllers in our Production site and a File Server that is a Member Server
of the domain. Both Active Directory Domain Controllers are also Active
Directory Intergrated DNS Servers.
Then I built two additional Active Directory Domain Controllers in our
Disaster Recovery site. I just added them to the same domain. These
additional Active Directory Domain Controller are also Active Directory
Intergrated DNS Severs. Then I also built an additional File Server that is a
member server of the same domain.
All Active Directory Domain Controllers in both my Production site and my
Disaster Recovery site are Global Catalog Servers. I have the NSI Double Take
software installed my both my File Servers for replication. I've also tested
this software and it is working out well.
No roles have been moved from any servers. Therefore, my understanding is
that my first Active Directory Domain Controler is holding all the roles.
I set up the network this way, so in the event of a disaster; my network
will be replicated in my Disaster Recovery site. I've done some test runs
and things worked, but not 100%. After I shutdown my Production Site, the
Double Take software notice the network went down and took over. That part
worked great. But for the Acitve Directory Domain, logins took longer; logon
sctipts seem to take a long time to map and they didn't seem to work
correctly. I used IFMember commands in my scripts and it didn't reconize this
command when the Production site went down, but it did see all the Net Use
commands and Mapped all drives for all groups for one user. Even mapping for
groups the user isn't in.(At the moment everyone has rights to all files on
the File Server. I will change this later). But when the Production site is
up, the IFMember command works and they only get their asigned mappings. When
i placed the IFMember command in the Netlogon folder on the first DC, I did
notice it replicate to the other servers. So way wouldn't this work?
Today i notice that i was getting errors in my event logs of my first domain
controller. These error were posted at times when both sites were up and
everything seemed to be working well. The error ID's were
Type: Error
User: NT Authority\System
Computers: MY First Domain Controller
Source: Userenv
Category: None
Event ID: 1030
Type: Error
User: NT Authority\System
Computer: My First Domain Controller
Source: Userenv
Category: None
Event ID: 1058
Then on a final note. My manager would like to use our Disaster Recovery
site as our only source of redundancy for our VMWare Server. I didn't mention
this before, but All three servers in our Production Site Reside on a Storage
Array connected to only one server running VMWare. So if this server should
fail, then all three servers will go down, and he would like our users in our
production site to connect over the T1 to the remaining two Active Directory
servers and the File server in our Disaster Recovery Site. Another scenario I
can think of would be if only the File Server in the production site went
down, then users would connect to the File Server in our Disaster Recovery
site.
After having all these issues and thoughts; I got to thinking, about Sites;
but im not familar with them. All my server are in the same domain and the
same site. Should i have created two different sites within the same domain.
This is what got me thinking to open this post.
From all my reading about Active Directory, i believe i setup the domain
correctly; but im unsure whether or not i should have created two different
sites under the one domain. I am unfamilar with this.
Any comments on my configuration of my Active Directory Domain and its
structure will be appriciated.
Thanks in advance.
Shannon
- Follow-Ups:
- Re: Need Advice
- From: Al Mulnick
- Re: Need Advice
- References:
- Need Advice
- From: SEgerton
- Need Advice
- Prev by Date: Re: How to check user account creation and modification (disabled)
- Next by Date: Active Directory - Account Expires Date
- Previous by thread: Need Advice
- Next by thread: Re: Need Advice
- Index(es):
Relevant Pages
|
