check out the thread on "W2K3 Std. vs. Ent. for DCs /
x64"
=> Std. Edition is usually fine; mostly depends on your
memory requirements for caching the DIT (AD Database) - best to go directly
to Win2003x64 (especially if you happen to rollout new HW)
/Guido From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Simon Bembridge Sent: Montag, 13. Februar 2006 23:02 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Script to transfer FSMO roles. Dean All sounds good. We are
creating a single domain, two core main sites with around 60 branch office world
wide. Each core site has 2 X DC, will be W2K3 R2 once we get are heads around
the new product. At first we are working with W2K3 SP1. DC will be Server
Standard, Exch W2K3. A bit of citrix, and unix (Vintela for SSO) lots to think
about. We are just doing a bit of AD proving at the moment and I will write up
the FSMO transfer/seizure scenarios. Is their any really
advantage over the server additions :- Standard vs My feeling and what I
have seen in the past, that standard fits the build for a DC build.
Simon From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Dean
Wells Not that's springing to
mind. Some related thoughts - * inbound replication
is single threaded (i.e. no concurrency limitation is
required) * in 2k, 15 mins.
represented the anticipated end-to-end replication within a
site * the KCC in 2k3 is
capable of load-balancing bridgeheads * the min. polled
replication interval between DCs in different sites is 15
mins. * the KCC in 2k is
limited; assuming ((domain+1) * sites^2)
<=100,000 -- then all is good * the KCC in 2k3 is
also limited but to a lesser extent; assuming ((domain+1) * sites)
<=100,000 -- then all is good Assuming you have a
single domain (or less than ~10 total domain & app. partitions combined),
both Windows 2000 and Windows 2003 KCC/ISTGs will more than
suffice. -- From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Simon
Bembridge Yep I love spell
checker, also have four kids running around the house at the moment ready for a
pig out at TGI’s. I do not know why but I am sure I read somewhere that a
bridgehead server had a threshold of 15 inbound replication partners. We have
two core sites with 2 x DC in both and around 64 branch offices. We were going
to let the KCC sort it all out for us but just have this niggling doubt about
the 15 limit I am sure I read or dreamt somewhere. From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Dean
Wells Can you elaborate on
what you mean by "replication threshold" (or fresh hold if you prefer ... gotta
love spell checkers :o)? -- From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Simon
Bembridge Jorge, Yes it is a test
environment we will be doing it in. So much going on. Also just a quick
question, is there a Inbound – Outbound replication fresh hold for a site
bridgehead server?? I have read somewhere that it is 15? Not sure how this has
changed with R2 also as we are still awaiting the software to install and
trial. Simon From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Almeida Pinto, Jorge
de Are you
saying...."simulating the procedure in the production environment by seizing the
FSMO roles" ? don't do that! use a test
environment that is a correct representation of the production environment to do
your tests! jorge From:
[EMAIL PROTECTED] on behalf of Simon Bembridge Jorge, If
we are simulating a DR scenario running the script on the backup FSMO serve in
site 2 will not be a problem?? Simon From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Almeida Pinto, Jorge
de run the script on the DC that
should host the FSMO role(s) or replace %COMPUTERNAME% with %1 and use the name
of the new FSMO role holder as an argument. Make sure to adjust the script
concerning the FSMO roles that should be
seized/transfered -->
Seize-Domain-FSMO-Roles.cmd NTDSUTIL ROLES CONNECTIONS
"CONNECT TO SERVER %COMPUTERNAME%" QUIT "Seize infrastructure master" "Seize RID
master" "Seize PDC" QUIT QUIT -->
Seize-Forest-FSMO-Roles.cmd NTDSUTIL
ROLES CONNECTIONS "CONNECT TO SERVER %COMPUTERNAME%" QUIT "Seize domain naming
master" "Seize schema master" QUIT QUIT -->
Transfer-Domain-FSMO-Roles.cmd NTDSUTIL ROLES CONNECTIONS
"CONNECT TO SERVER %COMPUTERNAME%" QUIT "Transfer infrastructure master"
"Transfer RID master" "Transfer PDC" QUIT QUIT -->
Transfer-Forest-FSMO-Roles.cmd NTDSUTIL ROLES CONNECTIONS
"CONNECT TO SERVER %COMPUTERNAME%" QUIT "Transfer domain naming master"
"Transfer schema master" QUIT QUIT cheers, Jorge From:
[EMAIL PROTECTED] on behalf of Simon Bembridge Hi
All, This e-mail and any attachment is
for authorised use by the intended recipient(s) only. It may contain proprietary
material, confidential information and/or be subject to legal privilege. It
should not be copied, disclosed to, retained or used by, any other party. If you
are not an intended recipient then please promptly delete this e-mail and any
attachment and all copies and inform the sender. Thank
you. |
Title: [ActiveDir] Script to transfer FSMO roles.
- RE: [ActiveDir] Script to transfer FSMO roles. Grillenmeier, Guido