ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    When You Think That You Need a Physical Server...

    Scheduled Pinned Locked Moved IT Discussion
    virtualizationarticlescott alan miller
    29 Posts 10 Posters 4.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • coliverC
      coliver @EddieJennings
      last edited by

      @EddieJennings said in When You Think That You Need a Physical Server...:

      @coliver said in When You Think That You Need a Physical Server...:

      @EddieJennings said in When You Think That You Need a Physical Server...:

      @coliver said in When You Think That You Need a Physical Server...:

      @EddieJennings said in When You Think That You Need a Physical Server...:

      I know there is a best practice that discourages an environment with only one domain controller.

      Why? Do you really need two domain controllers? How many authentications are you doing? How much downtime can you afford? Would it be better to have a single domain controller on a VM that you can backup and restore in a few minutes versus having two running at all times?

      Why = because a document from Microsoft said so and at the time when I made our domain I didn't know any better :).

      What you're asking me is what I'm asking myself, which moves me to the conclusion that when it's time to make the VM for the accounting software, the old box should just go away. Especially since my tiny number of users would be able to log into their workstations with cached credentials until I can get the domain controller VM functioning again.

      Right. On the other hand how usable is the old box? Could it be a VM host?

      Possibly. It's a 7 year old machine with a Intel Q8400 processor, 8 GB (max) RAM, and Intel FakeRAID. It was purchased when I was still a band director.

      Haha. Nope.

      EddieJenningsE 1 Reply Last reply Reply Quote 2
      • EddieJenningsE
        EddieJennings @JaredBusch
        last edited by

        @JaredBusch Oh the things I've learned, realized, and finally thought through during my first 3 years in IT.

        1 Reply Last reply Reply Quote 0
        • EddieJenningsE
          EddieJennings @coliver
          last edited by

          @coliver But, but. It still powers on, and "runs like a charm." 😛

          1 Reply Last reply Reply Quote 0
          • wirestyle22W
            wirestyle22 @JaredBusch
            last edited by

            @JaredBusch said in When You Think That You Need a Physical Server...:

            @EddieJennings said in When You Think That You Need a Physical Server...:

            @coliver said in When You Think That You Need a Physical Server...:

            @EddieJennings said in When You Think That You Need a Physical Server...:

            I know there is a best practice that discourages an environment with only one domain controller.

            Why? Do you really need two domain controllers? How many authentications are you doing? How much downtime can you afford? Would it be better to have a single domain controller on a VM that you can backup and restore in a few minutes versus having two running at all times?

            Why = because a document from Microsoft said so and at the time when I made our domain I didn't know any better :).

            What you're asking me is what I'm asking myself, which moves me to the conclusion that when it's time to make the VM for the accounting software, the old box should just go away. Especially since my tiny number of users would be able to log into their workstations with cached credentials until I can get the domain controller VM functioning again.

            Who cares what some paper from the company selling you the licensing says.

            What does your company need?

            I have never used two domain controllers in the SMB space. Even before virtualization at my clients.

            It is simply not something needed.

            You don't think the downtime justified the cost for a SMB I'm assuming and load balancing isn't a concern

            coliverC 1 Reply Last reply Reply Quote 0
            • coliverC
              coliver @wirestyle22
              last edited by coliver

              @wirestyle22 said in When You Think That You Need a Physical Server...:

              @JaredBusch said in When You Think That You Need a Physical Server...:

              @EddieJennings said in When You Think That You Need a Physical Server...:

              @coliver said in When You Think That You Need a Physical Server...:

              @EddieJennings said in When You Think That You Need a Physical Server...:

              I know there is a best practice that discourages an environment with only one domain controller.

              Why? Do you really need two domain controllers? How many authentications are you doing? How much downtime can you afford? Would it be better to have a single domain controller on a VM that you can backup and restore in a few minutes versus having two running at all times?

              Why = because a document from Microsoft said so and at the time when I made our domain I didn't know any better :).

              What you're asking me is what I'm asking myself, which moves me to the conclusion that when it's time to make the VM for the accounting software, the old box should just go away. Especially since my tiny number of users would be able to log into their workstations with cached credentials until I can get the domain controller VM functioning again.

              Who cares what some paper from the company selling you the licensing says.

              What does your company need?

              I have never used two domain controllers in the SMB space. Even before virtualization at my clients.

              It is simply not something needed.

              You don't think the downtime justified the cost for a SMB I'm assuming and load balancing isn't a concern

              Rarely is downtime worth the cost of mitigating it in an SMB environment. They often don't actually understand what the true cost of downtime is and exaggerate it more often then not. If you're getting enough requests that you're hitting a performance threshold on the domain controller then you may be out of the SMB space.

              travisdh1T scottalanmillerS 2 Replies Last reply Reply Quote 2
              • travisdh1T
                travisdh1 @coliver
                last edited by travisdh1

                @coliver said in When You Think That You Need a Physical Server...:

                @wirestyle22 said in When You Think That You Need a Physical Server...:

                @JaredBusch said in When You Think That You Need a Physical Server...:

                @EddieJennings said in When You Think That You Need a Physical Server...:

                @coliver said in When You Think That You Need a Physical Server...:

                @EddieJennings said in When You Think That You Need a Physical Server...:

                I know there is a best practice that discourages an environment with only one domain controller.

                Why? Do you really need two domain controllers? How many authentications are you doing? How much downtime can you afford? Would it be better to have a single domain controller on a VM that you can backup and restore in a few minutes versus having two running at all times?

                Why = because a document from Microsoft said so and at the time when I made our domain I didn't know any better :).

                What you're asking me is what I'm asking myself, which moves me to the conclusion that when it's time to make the VM for the accounting software, the old box should just go away. Especially since my tiny number of users would be able to log into their workstations with cached credentials until I can get the domain controller VM functioning again.

                Who cares what some paper from the company selling you the licensing says.

                What does your company need?

                I have never used two domain controllers in the SMB space. Even before virtualization at my clients.

                It is simply not something needed.

                You don't think the downtime justified the cost for a SMB I'm assuming and load balancing isn't a concern

                Rarely is downtime worth the cost of mitigating it in an SMB environment. They often don't actually understand what the true cost of downtime is and exaggerate it more often then not. If you're getting enough requests that you're hitting a performance threshold on the domain controller then you may be out of the SMB space.

                If you're getting enough requests that you're hitting a performance threshold on the domain controller then you are out of the SMB space.

                wirestyle22W scottalanmillerS 2 Replies Last reply Reply Quote 1
                • wirestyle22W
                  wirestyle22 @travisdh1
                  last edited by

                  @travisdh1 @coliver Right. Makes sense to me.

                  1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @EddieJennings
                    last edited by

                    @EddieJennings said in When You Think That You Need a Physical Server...:

                    I know there is a best practice that discourages an environment with only one domain controller.

                    At best that is a "standard pattern", it is not even exactly a rule of thumb and absolutely not a "best practice."

                    The best practice that would apply here is to "evaluate the risk/cost/reward for a second DC vs. AD downtime" to determine what value there is in a second DC.

                    1 Reply Last reply Reply Quote 1
                    • scottalanmillerS
                      scottalanmiller @EddieJennings
                      last edited by

                      @EddieJennings said in When You Think That You Need a Physical Server...:

                      It seems to make sense to keep one on its own physical server as if the hyper-v host goes down...

                      Thats the point of the article here... if you feel that way, step back because somewhere there is confusion. There definitely should never be a physical DC.

                      EddieJenningsE 1 Reply Last reply Reply Quote 0
                      • scottalanmillerS
                        scottalanmiller @EddieJennings
                        last edited by

                        @EddieJennings said in When You Think That You Need a Physical Server...:

                        Why = because a document from Microsoft said so and at the time when I made our domain I didn't know any better :).

                        Yes, they sell those, so they recommend buying more of them 🙂

                        1 Reply Last reply Reply Quote 1
                        • scottalanmillerS
                          scottalanmiller @EddieJennings
                          last edited by

                          @EddieJennings said in When You Think That You Need a Physical Server...:

                          @coliver said in When You Think That You Need a Physical Server...:

                          @EddieJennings said in When You Think That You Need a Physical Server...:

                          @coliver said in When You Think That You Need a Physical Server...:

                          @EddieJennings said in When You Think That You Need a Physical Server...:

                          I know there is a best practice that discourages an environment with only one domain controller.

                          Why? Do you really need two domain controllers? How many authentications are you doing? How much downtime can you afford? Would it be better to have a single domain controller on a VM that you can backup and restore in a few minutes versus having two running at all times?

                          Why = because a document from Microsoft said so and at the time when I made our domain I didn't know any better :).

                          What you're asking me is what I'm asking myself, which moves me to the conclusion that when it's time to make the VM for the accounting software, the old box should just go away. Especially since my tiny number of users would be able to log into their workstations with cached credentials until I can get the domain controller VM functioning again.

                          Right. On the other hand how usable is the old box? Could it be a VM host?

                          Possibly. It's a 7 year old machine with a Intel Q8400 processor, 8 GB (max) RAM, and Intel FakeRAID. It was purchased when I was still a band director.

                          That definitely can be. That's like double the necessary memory for this, but nice to have that much obviously. That it is FakeRAID actually is a point towards the importance of virtualizing as that will provide a path to fixing that.

                          1 Reply Last reply Reply Quote 0
                          • EddieJenningsE
                            EddieJennings @scottalanmiller
                            last edited by

                            @scottalanmiller said in When You Think That You Need a Physical Server...:

                            @EddieJennings said in When You Think That You Need a Physical Server...:

                            It seems to make sense to keep one on its own physical server as if the hyper-v host goes down...

                            Thats the point of the article here... if you feel that way, step back because somewhere there is confusion. There definitely should never be a physical DC.

                            Yep. Such articles give still-learning folks like me some clarity and confirmation about things we've considered. Since joining Mangolassi, my eyes have been opened to many things -- inside and outside the scope of this article.

                            1 Reply Last reply Reply Quote 1
                            • scottalanmillerS
                              scottalanmiller @travisdh1
                              last edited by

                              @travisdh1 said in When You Think That You Need a Physical Server...:

                              @coliver said in When You Think That You Need a Physical Server...:

                              @wirestyle22 said in When You Think That You Need a Physical Server...:

                              @JaredBusch said in When You Think That You Need a Physical Server...:

                              @EddieJennings said in When You Think That You Need a Physical Server...:

                              @coliver said in When You Think That You Need a Physical Server...:

                              @EddieJennings said in When You Think That You Need a Physical Server...:

                              I know there is a best practice that discourages an environment with only one domain controller.

                              Why? Do you really need two domain controllers? How many authentications are you doing? How much downtime can you afford? Would it be better to have a single domain controller on a VM that you can backup and restore in a few minutes versus having two running at all times?

                              Why = because a document from Microsoft said so and at the time when I made our domain I didn't know any better :).

                              What you're asking me is what I'm asking myself, which moves me to the conclusion that when it's time to make the VM for the accounting software, the old box should just go away. Especially since my tiny number of users would be able to log into their workstations with cached credentials until I can get the domain controller VM functioning again.

                              Who cares what some paper from the company selling you the licensing says.

                              What does your company need?

                              I have never used two domain controllers in the SMB space. Even before virtualization at my clients.

                              It is simply not something needed.

                              You don't think the downtime justified the cost for a SMB I'm assuming and load balancing isn't a concern

                              Rarely is downtime worth the cost of mitigating it in an SMB environment. They often don't actually understand what the true cost of downtime is and exaggerate it more often then not. If you're getting enough requests that you're hitting a performance threshold on the domain controller then you may be out of the SMB space.

                              If you're getting enough requests that you're hitting a performance threshold on the domain controller then you are out of the SMB space.

                              Way out 🙂 That would be hugemongous. And you can scale up a lot before you scale out. Add SSDs, add RAM... one DC can do a LOT.

                              1 Reply Last reply Reply Quote 1
                              • scottalanmillerS
                                scottalanmiller @coliver
                                last edited by

                                @coliver said in When You Think That You Need a Physical Server...:

                                @wirestyle22 said in When You Think That You Need a Physical Server...:

                                @JaredBusch said in When You Think That You Need a Physical Server...:

                                @EddieJennings said in When You Think That You Need a Physical Server...:

                                @coliver said in When You Think That You Need a Physical Server...:

                                @EddieJennings said in When You Think That You Need a Physical Server...:

                                I know there is a best practice that discourages an environment with only one domain controller.

                                Why? Do you really need two domain controllers? How many authentications are you doing? How much downtime can you afford? Would it be better to have a single domain controller on a VM that you can backup and restore in a few minutes versus having two running at all times?

                                Why = because a document from Microsoft said so and at the time when I made our domain I didn't know any better :).

                                What you're asking me is what I'm asking myself, which moves me to the conclusion that when it's time to make the VM for the accounting software, the old box should just go away. Especially since my tiny number of users would be able to log into their workstations with cached credentials until I can get the domain controller VM functioning again.

                                Who cares what some paper from the company selling you the licensing says.

                                What does your company need?

                                I have never used two domain controllers in the SMB space. Even before virtualization at my clients.

                                It is simply not something needed.

                                You don't think the downtime justified the cost for a SMB I'm assuming and load balancing isn't a concern

                                Rarely is downtime worth the cost of mitigating it in an SMB environment. They often don't actually understand what the true cost of downtime is and exaggerate it more often then not. If you're getting enough requests that you're hitting a performance threshold on the domain controller then you may be out of the SMB space.

                                And authentication often has a near zero impact for short durations. A DC down could easily go 30 minutes and literally have no one notice.

                                1 Reply Last reply Reply Quote 1
                                • 1
                                • 2
                                • 1 / 2
                                • First post
                                  Last post