Storage Question
-
And I thought my head was spinning 2 hours ago!
-
@scottalanmiller said:
@BRRABill said:
For DC redundancy. I really don't want to roll with one DC.
What makes you so dependent on Active Directory? I've had AD go down for two weeks and not one user even mentioned it. That's atypical, but my point is that on its own AD is designed to be able to go offline for long periods of time with little or no impact. What's the specific risk that you are facing?
Well I don't know about him, not that this is an advocate for requiring dual AD boxes, but I know that I run all internet DNS queries through my AD DNS box. If I only have one, then basically the internet is down for me as well as the AD box.
-
@scottalanmiller said:
What makes you so dependent on Active Directory? I've had AD go down for two weeks and not one user even mentioned it. That's atypical, but my point is that on its own AD is designed to be able to go offline for long periods of time with little or no impact. What's the specific risk that you are facing?
I was going on the concept you should always have 2 DCs.
-
@Jason said:
@scottalanmiller said:
@Jason said:
Exchange is best not virtualized.
Why? What artifact of Exchange would make it be that way? This goes against both industry knowledge and how Microsoft runs their own Exchange servers.
I should say not virtualized in the sense that it runs on shared storage and does automated vMotion.
Oh, well yeah, of course it should not do that - you should be using application level reliability, not hardware based. If it's really needed.
-
@Dashrender said:
@scottalanmiller said:
@BRRABill said:
For DC redundancy. I really don't want to roll with one DC.
What makes you so dependent on Active Directory? I've had AD go down for two weeks and not one user even mentioned it. That's atypical, but my point is that on its own AD is designed to be able to go offline for long periods of time with little or no impact. What's the specific risk that you are facing?
Well I don't know about him, not that this is an advocate for requiring dual AD boxes, but I know that I run all internet DNS queries through my AD DNS box. If I only have one, then basically the internet is down for me as well as the AD box.
Should not be. You just set your secondary and tertiary DNS entries via DHCP to Google and voila, problem fixed.
-
@Jason said:
Exchange is best not virtualized.
Actually a third party mail server (MDaemon), not Exchange.
-
@scottalanmiller said:
Should not be. You just set your secondary and tertiary DNS entries via DHCP to Google and voila, problem fixed.
Um, that's against best practice and causes AD DNS issues. @Rob-Dunn would fuss at you for that one.
-
@Jason said:
I should say not virtualized in the sense that it runs on shared storage and does automated vMotion. Exchange level failovers are much better.
Ah yes, in that case, I totally agree. Virtualize but don't use shared storage of any sort. Application level high availability via the DAG groups is how it "should" be handled. And how Office 365 and any large environment that I know of would be handling it.
-
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@BRRABill said:
For DC redundancy. I really don't want to roll with one DC.
What makes you so dependent on Active Directory? I've had AD go down for two weeks and not one user even mentioned it. That's atypical, but my point is that on its own AD is designed to be able to go offline for long periods of time with little or no impact. What's the specific risk that you are facing?
Well I don't know about him, not that this is an advocate for requiring dual AD boxes, but I know that I run all internet DNS queries through my AD DNS box. If I only have one, then basically the internet is down for me as well as the AD box.
Should not be. You just set your secondary and tertiary DNS entries via DHCP to Google and voila, problem fixed.
Yeah, that's been less than successful for me in the past. Once the PC fails to the second or third DNS (which by itself even in Windows 7 seems to take forever) the machine will never fail back. You have to reboot, or at least refresh IP to get it to go back.
But it's definitely an option, and one I would use in this case.
-
@Jason said:
@scottalanmiller said:
Should not be. You just set your secondary and tertiary DNS entries via DHCP to Google and voila, problem fixed.
Um, that's against best practice and causes AD DNS issues. @Rob-Dunn would fuss at you for that one.
It would only cause an AD issue in a case where AD has failed... meaning AD issues are moot. It's the best practice that I am aware of for an environment without a need for AD failover.
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@BRRABill said:
For DC redundancy. I really don't want to roll with one DC.
What makes you so dependent on Active Directory? I've had AD go down for two weeks and not one user even mentioned it. That's atypical, but my point is that on its own AD is designed to be able to go offline for long periods of time with little or no impact. What's the specific risk that you are facing?
Well I don't know about him, not that this is an advocate for requiring dual AD boxes, but I know that I run all internet DNS queries through my AD DNS box. If I only have one, then basically the internet is down for me as well as the AD box.
Should not be. You just set your secondary and tertiary DNS entries via DHCP to Google and voila, problem fixed.
Yeah, that's been less than successful for me in the past. Once the PC fails to the second or third DNS (which by itself even in Windows 7 seems to take forever) the machine will never fail back. You have to reboot, or at least refresh IP to get it to go back.
But it's definitely an option, and one I would use in this case.
You have the entries already in the PCs and they never fail back? That seems odd.
-
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@BRRABill said:
For DC redundancy. I really don't want to roll with one DC.
What makes you so dependent on Active Directory? I've had AD go down for two weeks and not one user even mentioned it. That's atypical, but my point is that on its own AD is designed to be able to go offline for long periods of time with little or no impact. What's the specific risk that you are facing?
Well I don't know about him, not that this is an advocate for requiring dual AD boxes, but I know that I run all internet DNS queries through my AD DNS box. If I only have one, then basically the internet is down for me as well as the AD box.
Should not be. You just set your secondary and tertiary DNS entries via DHCP to Google and voila, problem fixed.
Yeah, that's been less than successful for me in the past. Once the PC fails to the second or third DNS (which by itself even in Windows 7 seems to take forever) the machine will never fail back. You have to reboot, or at least refresh IP to get it to go back.
But it's definitely an option, and one I would use in this case.
You have the entries already in the PCs and they never fail back? That seems odd.
Nope, they never try DNS 1 again until DNS 2 fails to 2, which then fails again back to 1.
-
Well, even if I wanted to keep the backup DC, I could install Server 2012 on a desktop I have here, and at least save the cost of a second server.
That wouldn't be crazy, right? Other than the license cost.
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@BRRABill said:
For DC redundancy. I really don't want to roll with one DC.
What makes you so dependent on Active Directory? I've had AD go down for two weeks and not one user even mentioned it. That's atypical, but my point is that on its own AD is designed to be able to go offline for long periods of time with little or no impact. What's the specific risk that you are facing?
Well I don't know about him, not that this is an advocate for requiring dual AD boxes, but I know that I run all internet DNS queries through my AD DNS box. If I only have one, then basically the internet is down for me as well as the AD box.
Should not be. You just set your secondary and tertiary DNS entries via DHCP to Google and voila, problem fixed.
Yeah, that's been less than successful for me in the past. Once the PC fails to the second or third DNS (which by itself even in Windows 7 seems to take forever) the machine will never fail back. You have to reboot, or at least refresh IP to get it to go back.
But it's definitely an option, and one I would use in this case.
You have the entries already in the PCs and they never fail back? That seems odd.
Nope, they never try DNS 1 again until DNS 2 fails to 2, which then fails again back to 1.
You could block 8.8.8.8 and 8.8.4.4 at the firewall temporarily to force them back, I guess.
-
@BRRABill said:
Well, even if I wanted to keep the backup DC, I could install Server 2012 on a desktop I have here, and at least save the cost of a second server.
That wouldn't be crazy, right? Other than the license cost.
It's not crazy at all. Since it's free and just adding extra redundancy.
-
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@BRRABill said:
For DC redundancy. I really don't want to roll with one DC.
What makes you so dependent on Active Directory? I've had AD go down for two weeks and not one user even mentioned it. That's atypical, but my point is that on its own AD is designed to be able to go offline for long periods of time with little or no impact. What's the specific risk that you are facing?
Well I don't know about him, not that this is an advocate for requiring dual AD boxes, but I know that I run all internet DNS queries through my AD DNS box. If I only have one, then basically the internet is down for me as well as the AD box.
Should not be. You just set your secondary and tertiary DNS entries via DHCP to Google and voila, problem fixed.
Yeah, that's been less than successful for me in the past. Once the PC fails to the second or third DNS (which by itself even in Windows 7 seems to take forever) the machine will never fail back. You have to reboot, or at least refresh IP to get it to go back.
But it's definitely an option, and one I would use in this case.
You have the entries already in the PCs and they never fail back? That seems odd.
Nope, they never try DNS 1 again until DNS 2 fails to 2, which then fails again back to 1.
You could block 8.8.8.8 and 8.8.4.4 at the firewall temporarily to force them back, I guess.
LOL I suppose I could.
-
@Dashrender said:
Nope, they never try DNS 1 again until DNS 2 fails to 2, which then fails again back to 1.
@Dashrender is correct here. I have seen this more than once, and this is why I refuse to put any external DNS entry in my local machines.
If I have an AD environment with only a single internal DNS server I will give the router as a secondary DNS. The router itself will look to the internal DNS first and then to Google second.
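The disagreement above about listing external resolvers on AD clients can be checked on a given machine. As an added example that is not part of any poster's message, this PowerShell function lists each DNS server the client has configured, in order, and tests whether that server can answer the domain controller locator (SRV) record. It assumes Windows 8 / Server 2012 or later (the DnsClient module) and a domain-joined session where `USERDNSDOMAIN` is set; the function name is hypothetical.

```powershell
# Added example: audit the DNS servers configured on this Windows client and test
# whether each one can answer the AD domain controller locator (SRV) record.
# Assumes Windows 8 / Server 2012 or later and a domain-joined logon session.
function Test-ClientDnsForAd {
    param(
        # AD DNS domain to test; defaults to the logged-on user's domain.
        [string]$Domain = $env:USERDNSDOMAIN
    )
    if (-not $Domain) { throw 'No AD DNS domain given and USERDNSDOMAIN is not set.' }
    $locator = "_ldap._tcp.dc._msdcs.$Domain"

    Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses } |
        ForEach-Object {
            $alias = $_.InterfaceAlias
            $order = 0
            foreach ($server in $_.ServerAddresses) {
                $order++
                # Ask this one server directly, DNS only, with a short timeout.
                $srv = Resolve-DnsName -Name $locator -Type SRV -Server $server `
                           -DnsOnly -QuickTimeout -ErrorAction SilentlyContinue |
                       Where-Object { $_.Type -eq 'SRV' }
                [pscustomobject]@{
                    Interface    = $alias
                    Order        = $order      # 1 = primary, 2 = secondary, ...
                    Server       = $server
                    AnswersAdSrv = [bool]$srv
                    DCs          = if ($srv) { ($srv.NameTarget | Sort-Object -Unique) -join ', ' } else { '' }
                }
            }
        }
}

$results = Test-ClientDnsForAd
$results | Format-Table -AutoSize

# A configured server that cannot return the locator record cannot be used by
# the client to find a domain controller.
$results | Where-Object { -not $_.AnswersAdSrv } | ForEach-Object {
    Write-Warning "$($_.Interface): DNS server #$($_.Order) ($($_.Server)) did not return AD locator records for $env:USERDNSDOMAIN."
}
```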
-
@scottalanmiller said:
@BRRABill said:
Well, even if I wanted to keep the backup DC, I could install Server 2012 on a desktop I have here, and at least save the cost of a second server.
That wouldn't be crazy, right? Other than the license cost.
It's not crazy at all. Since it's free and just adding extra redundancy.
It's not free, it's $800 and it's another box he has to maintain.
-
@scottalanmiller said:
It's not crazy at all. Since it's free and just adding extra redundancy.
Well, other than the license cost.
-
If you really want a solution for a second DC, I'd buy a Unitrends appliance. Then if the AD VM fails, you can spin up the AD VM on the Unitrends box and be back online in under an hour normally.
This gives you your sorta 2nd DC and your backup solution.