Re: [ActiveDir] Improving your AD's fault tolerance with old hardware?
Thanks for all your feedback guys. I am off to do some promoting, member server promoting that is. ...D List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Improving your AD's fault tolerance with old hardware?
Even outside of Exchange I think it depends on how fast the box actually is and how hard you hit AD. For a box in the closet to offer a get out of jail because everything else fails... Ok. But I would be concerned that other machines you don't think of normally as much as you think of Exchange could find the DC and start using it and get suboptimal perf from it. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, November 08, 2005 11:08 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Improving your AD's fault tolerance with old hardware? I'd go along with Ed here. I can't see too much risk with this approach. I wouldn't assign any of the FSMO roles to the old hardware DC, simply because of the hassle in seizing the roles elsewhere in the event of a severe hardware failure. No problem with making the DC as GC though. Another option to consider is setting up a lag site with the old hardware DC. This can be useful for some recovery scenarios as well as the safe introduction of schema changes. Search the list archive for recent posts on the lag site concept. It is important to ensure that whatever hardware you use is sufficient for the task. There are published minimum requirements for Windows Server 2003, but you should also determine what is the minimum required for your own environment. A scenario I have in mind is if you have Exchange 2003 running in your environment you perhaps don't want it to be using an old DC/GC that's running like a dog. :-) Tony -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley [MVP] Sent: Wednesday, 9 November 2005 2:59 p.m. To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Improving your AD's fault tolerance with old hardware? I remember back in the days of our old 3500-user NT 4.0 domain, back when I ran an administration group. We had a nice ProLiant server that was a 486. We only had one of those. But because it was manageable through Insight Agents, we decided to keep it and made it our PDC, since it wasn't terribly useful for anything else. We figured that if it were to die, we'd just junk it and promote another server. It never did die while I was there, and it performed fine. So, although the hardware sales guys at my current employer would crucify me for saying this, I can't disagree with your approach. Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Danny Sent: Tuesday, November 08, 2005 3:50 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Improving your AD's fault tolerance with old hardware? Correct me if I am wrong, but assuming the more DC's you have in your forest, the more fault tolerant your Active Directory will become, is it therefore worth it to use retired, possibly out of (hardware) warranty servers or workstations for this purpose if you are budget-less (to purchase new servers)? In this case, I am referring to orgs with 20-200 AD users. How about GC's and other related AD roles and critical software based services? Same deal? Thank you, ...D List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Improving your AD's fault tolerance with old hardware?
Don't mean to call you out, Joe, but .. Didn't you use to run the PDC for that Widget factory on a very small (no, itsy-bitsy) hardware? And didn't you explain at that time that there was no sense in putting it on one of the beefy Dells we were purchasing around that time? And didn't run seamlessly and adequately (discounting the WINS gyrations)? I'd think you'd be a champion for the don't need an enterprise hardware for such mundane task crowd :). I personally have to also second Ed's opinion on this - it's better to have a second DC even on crappy hardware than it is to have none at all because of budget constraints. Sincerely, Dèjì Akómöláfé, MCSE+M MCSA+M MCT Microsoft MVP - Directory Services www.readymaids.com - we know IT www.akomolafe.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: [EMAIL PROTECTED] on behalf of joe Sent: Wed 11/9/2005 8:02 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Improving your AD's fault tolerance with old hardware? Even outside of Exchange I think it depends on how fast the box actually is and how hard you hit AD. For a box in the closet to offer a get out of jail because everything else fails... Ok. But I would be concerned that other machines you don't think of normally as much as you think of Exchange could find the DC and start using it and get suboptimal perf from it. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, November 08, 2005 11:08 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Improving your AD's fault tolerance with old hardware? I'd go along with Ed here. I can't see too much risk with this approach. I wouldn't assign any of the FSMO roles to the old hardware DC, simply because of the hassle in seizing the roles elsewhere in the event of a severe hardware failure. No problem with making the DC as GC though. Another option to consider is setting up a lag site with the old hardware DC. This can be useful for some recovery scenarios as well as the safe introduction of schema changes. Search the list archive for recent posts on the lag site concept. It is important to ensure that whatever hardware you use is sufficient for the task. There are published minimum requirements for Windows Server 2003, but you should also determine what is the minimum required for your own environment. A scenario I have in mind is if you have Exchange 2003 running in your environment you perhaps don't want it to be using an old DC/GC that's running like a dog. :-) Tony -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley [MVP] Sent: Wednesday, 9 November 2005 2:59 p.m. To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Improving your AD's fault tolerance with old hardware? I remember back in the days of our old 3500-user NT 4.0 domain, back when I ran an administration group. We had a nice ProLiant server that was a 486. We only had one of those. But because it was manageable through Insight Agents, we decided to keep it and made it our PDC, since it wasn't terribly useful for anything else. We figured that if it were to die, we'd just junk it and promote another server. It never did die while I was there, and it performed fine. So, although the hardware sales guys at my current employer would crucify me for saying this, I can't disagree with your approach. Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Danny Sent: Tuesday, November 08, 2005 3:50 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Improving your AD's fault tolerance with old hardware? Correct me if I am wrong, but assuming the more DC's you have in your forest, the more fault tolerant your Active Directory will become, is it therefore worth it to use retired, possibly out of (hardware) warranty servers or workstations for this purpose if you are budget-less (to purchase new servers)? In this case, I am referring to orgs with 20-200 AD users. How about GC's and other related AD roles and critical software based services? Same deal? Thank you, ...D List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive
RE: [ActiveDir] Improving your AD's fault tolerance with old hardware?
Of course, my lack of concern with his proposal was contingent upon the validity of his assumption that performance wouldn't be an issue. Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Wednesday, November 09, 2005 8:02 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Improving your AD's fault tolerance with old hardware? Even outside of Exchange I think it depends on how fast the box actually is and how hard you hit AD. For a box in the closet to offer a get out of jail because everything else fails... Ok. But I would be concerned that other machines you don't think of normally as much as you think of Exchange could find the DC and start using it and get suboptimal perf from it. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, November 08, 2005 11:08 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Improving your AD's fault tolerance with old hardware? I'd go along with Ed here. I can't see too much risk with this approach. I wouldn't assign any of the FSMO roles to the old hardware DC, simply because of the hassle in seizing the roles elsewhere in the event of a severe hardware failure. No problem with making the DC as GC though. Another option to consider is setting up a lag site with the old hardware DC. This can be useful for some recovery scenarios as well as the safe introduction of schema changes. Search the list archive for recent posts on the lag site concept. It is important to ensure that whatever hardware you use is sufficient for the task. There are published minimum requirements for Windows Server 2003, but you should also determine what is the minimum required for your own environment. A scenario I have in mind is if you have Exchange 2003 running in your environment you perhaps don't want it to be using an old DC/GC that's running like a dog. :-) Tony -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley [MVP] Sent: Wednesday, 9 November 2005 2:59 p.m. To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Improving your AD's fault tolerance with old hardware? I remember back in the days of our old 3500-user NT 4.0 domain, back when I ran an administration group. We had a nice ProLiant server that was a 486. We only had one of those. But because it was manageable through Insight Agents, we decided to keep it and made it our PDC, since it wasn't terribly useful for anything else. We figured that if it were to die, we'd just junk it and promote another server. It never did die while I was there, and it performed fine. So, although the hardware sales guys at my current employer would crucify me for saying this, I can't disagree with your approach. Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Danny Sent: Tuesday, November 08, 2005 3:50 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Improving your AD's fault tolerance with old hardware? Correct me if I am wrong, but assuming the more DC's you have in your forest, the more fault tolerant your Active Directory will become, is it therefore worth it to use retired, possibly out of (hardware) warranty servers or workstations for this purpose if you are budget-less (to purchase new servers)? In this case, I am referring to orgs with 20-200 AD users. How about GC's and other related AD roles and critical software based services? Same deal? Thank you, ...D List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Improving your AD's fault tolerance with old hardware?
Under NT4 we had crappy hardware for the two NA domains (actually 2 DCs for each domain split across the NA datacenters). But I went into a morning management meeting and said that we were ready to die any day and needed more hardware and went to the systems integration people and said we needed 2K because we have SAMs 80MB. I got the new hardware and offloaded functionality (WINS) across to the other machines. Once we had 2K we had budget for some new machines and the PDCs were absolutely on new hardware, I clearly recall sitting in the datacenter one morning with a bunch of system integration folks standing behind me while I converted the old machines to 2K and pushed the FSMOs over to the new hardware with a fresh 2K load. We did however reload the old DCs and keep them up and running but that was not my personal choice because they were definitely slower. The saving grace was that all traffic at that time was strictly NOS based auth/authz. There were no LDAP apps and Exchange played in its own sandbox. The PDCs have always been coddled by me whenever possible. I am not one of the people running around saying AD doesn't have a PDC. It was the one special DC in every domain that had me running when it hiccuped. There were no other special DCs until Exchange 2K spun up and then every DC in the Exchange Sites became special as well due to the Exchange/Outlook rough failover mechanisms. If an Exchange DC starts screwing up, it either needs to be fixed or off the network ASAP. Also, even with that new hardware you may recall (I think you were still around) we ran into an issue with the SE MI NA Domain PDC puking out every morning because it would get all bunched up. That ended up being a combination of load and its NetBIOS resolution mode being set to H-Node instead of P-Node. I am not saying DON'T use older hardware. I am saying be careful where you place it and what will use it. It could bite you hard. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, November 09, 2005 12:12 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Improving your AD's fault tolerance with old hardware? Don't mean to call you out, Joe, but .. Didn't you use to run the PDC for that Widget factory on a very small (no, itsy-bitsy) hardware? And didn't you explain at that time that there was no sense in putting it on one of the beefy Dells we were purchasing around that time? And didn't run seamlessly and adequately (discounting the WINS gyrations)? I'd think you'd be a champion for the don't need an enterprise hardware for such mundane task crowd :). I personally have to also second Ed's opinion on this - it's better to have a second DC even on crappy hardware than it is to have none at all because of budget constraints. Sincerely, Dèjì Akómöláfé, MCSE+M MCSA+M MCT Microsoft MVP - Directory Services www.readymaids.com - we know IT www.akomolafe.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: [EMAIL PROTECTED] on behalf of joe Sent: Wed 11/9/2005 8:02 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Improving your AD's fault tolerance with old hardware? Even outside of Exchange I think it depends on how fast the box actually is and how hard you hit AD. For a box in the closet to offer a get out of jail because everything else fails... Ok. But I would be concerned that other machines you don't think of normally as much as you think of Exchange could find the DC and start using it and get suboptimal perf from it. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, November 08, 2005 11:08 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Improving your AD's fault tolerance with old hardware? I'd go along with Ed here. I can't see too much risk with this approach. I wouldn't assign any of the FSMO roles to the old hardware DC, simply because of the hassle in seizing the roles elsewhere in the event of a severe hardware failure. No problem with making the DC as GC though. Another option to consider is setting up a lag site with the old hardware DC. This can be useful for some recovery scenarios as well as the safe introduction of schema changes. Search the list archive for recent posts on the lag site concept. It is important to ensure that whatever hardware you use is sufficient for the task. There are published minimum requirements for Windows Server 2003, but you should also determine what is the minimum required for your own environment. A scenario I have in mind is if you have Exchange 2003 running in your environment you perhaps don't want it to be using an old DC/GC that's running like a dog. :-) Tony -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley [MVP] Sent: Wednesday, 9
RE: [ActiveDir] Improving your AD's fault tolerance with old hardware?
I remember back in the days of our old 3500-user NT 4.0 domain, back when I ran an administration group. We had a nice ProLiant server that was a 486. We only had one of those. But because it was manageable through Insight Agents, we decided to keep it and made it our PDC, since it wasn't terribly useful for anything else. We figured that if it were to die, we'd just junk it and promote another server. It never did die while I was there, and it performed fine. So, although the hardware sales guys at my current employer would crucify me for saying this, I can't disagree with your approach. Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Danny Sent: Tuesday, November 08, 2005 3:50 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Improving your AD's fault tolerance with old hardware? Correct me if I am wrong, but assuming the more DC's you have in your forest, the more fault tolerant your Active Directory will become, is it therefore worth it to use retired, possibly out of (hardware) warranty servers or workstations for this purpose if you are budget-less (to purchase new servers)? In this case, I am referring to orgs with 20-200 AD users. How about GC's and other related AD roles and critical software based services? Same deal? Thank you, ...D List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Improving your AD's fault tolerance with old hardware?
I'd go along with Ed here. I can't see too much risk with this approach. I wouldn't assign any of the FSMO roles to the old hardware DC, simply because of the hassle in seizing the roles elsewhere in the event of a severe hardware failure. No problem with making the DC as GC though. Another option to consider is setting up a lag site with the old hardware DC. This can be useful for some recovery scenarios as well as the safe introduction of schema changes. Search the list archive for recent posts on the lag site concept. It is important to ensure that whatever hardware you use is sufficient for the task. There are published minimum requirements for Windows Server 2003, but you should also determine what is the minimum required for your own environment. A scenario I have in mind is if you have Exchange 2003 running in your environment you perhaps don't want it to be using an old DC/GC that's running like a dog. :-) Tony -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley [MVP] Sent: Wednesday, 9 November 2005 2:59 p.m. To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Improving your AD's fault tolerance with old hardware? I remember back in the days of our old 3500-user NT 4.0 domain, back when I ran an administration group. We had a nice ProLiant server that was a 486. We only had one of those. But because it was manageable through Insight Agents, we decided to keep it and made it our PDC, since it wasn't terribly useful for anything else. We figured that if it were to die, we'd just junk it and promote another server. It never did die while I was there, and it performed fine. So, although the hardware sales guys at my current employer would crucify me for saying this, I can't disagree with your approach. Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Danny Sent: Tuesday, November 08, 2005 3:50 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Improving your AD's fault tolerance with old hardware? Correct me if I am wrong, but assuming the more DC's you have in your forest, the more fault tolerant your Active Directory will become, is it therefore worth it to use retired, possibly out of (hardware) warranty servers or workstations for this purpose if you are budget-less (to purchase new servers)? In this case, I am referring to orgs with 20-200 AD users. How about GC's and other related AD roles and critical software based services? Same deal? Thank you, ...D List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Improving your AD's fault tolerance with old hardware?
Hi Danny, I also agree that using not state-of-the-art hardware is better than missing redundancy. I've done multiple lag-site dcs virtualized on one physical hardware, used clients or virtual machines for domain migrations as the update server, and would also recommend to use better older hardware for an additional DC than just using a single DC. It's always the game of defining how much money to spend to get what level of redundancy. Is it likely that you have a AD failure _and_ the old hardware decides to pay the dept of nature? What I'd make sure: - primarily keep the users on the better hardware using the SRV-Record priorities - define how long it'll take you to fix the better DC in case of an failure - evaluate how many users need to be supported working in the office (-holidays, mobile users,...) - make sure that the old hardware is able to support those users for the time defined above, if not look if you are able to get more DC or upgrade something e.g. RAM until the hardware would be able to support your business Bottom point - you don't want the old hardware failing b/c of being badly scaled and that it'll only fail if the primary DC is going down. My 0,02€ Ulf |-Original Message- |From: [EMAIL PROTECTED] |[mailto:[EMAIL PROTECTED] On Behalf Of Danny |Sent: Wednesday, November 09, 2005 12:50 AM |To: ActiveDir@mail.activedir.org |Subject: [ActiveDir] Improving your AD's fault tolerance with |old hardware? | |Correct me if I am wrong, but assuming the more DC's you have |in your forest, the more fault tolerant your Active Directory |will become, is it therefore worth it to use retired, possibly |out of (hardware) warranty servers or workstations for this |purpose if you are budget-less (to purchase new servers)? In |this case, I am referring to orgs with 20-200 AD users. | |How about GC's and other related AD roles and critical |software based services? Same deal? | |Thank you, | |...D |List info : http://www.activedir.org/List.aspx |List FAQ: http://www.activedir.org/ListFAQ.aspx |List archive: |http://www.mail-archive.com/activedir%40mail.activedir.org/ | List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Improving your AD's fault tolerance with old hardware?
As the terrible lurker that I am and representing the around 20ish AD crowd the SBS support crew in Los Colinas actually report that in their setups they throw a Virtual Server on a beefy workstation, load up a server OS and have the additional domain controller there in a virtual setting to set up redundancy. Now just given that I finally migrated over to my 'hacked to join a domain, I don't need no Xbox Extenders thank you very much MCE that has 2 gig of RAM I might try it out here at home. Ulf B. Simon-Weidner wrote: Hi Danny, I also agree that using not state-of-the-art hardware is better than missing redundancy. I've done multiple lag-site dcs virtualized on one physical hardware, used clients or virtual machines for domain migrations as the update server, and would also recommend to use better older hardware for an additional DC than just using a single DC. It's always the game of defining how much money to spend to get what level of redundancy. Is it likely that you have a AD failure _and_ the old hardware decides to pay the dept of nature? What I'd make sure: - primarily keep the users on the better hardware using the SRV-Record priorities - define how long it'll take you to fix the better DC in case of an failure - evaluate how many users need to be supported working in the office (-holidays, mobile users,...) - make sure that the old hardware is able to support those users for the time defined above, if not look if you are able to get more DC or upgrade something e.g. RAM until the hardware would be able to support your business Bottom point - you don't want the old hardware failing b/c of being badly scaled and that it'll only fail if the primary DC is going down. My 0,02€ Ulf |-Original Message- |From: [EMAIL PROTECTED] |[mailto:[EMAIL PROTECTED] On Behalf Of Danny |Sent: Wednesday, November 09, 2005 12:50 AM |To: ActiveDir@mail.activedir.org |Subject: [ActiveDir] Improving your AD's fault tolerance with |old hardware? | |Correct me if I am wrong, but assuming the more DC's you have |in your forest, the more fault tolerant your Active Directory |will become, is it therefore worth it to use retired, possibly |out of (hardware) warranty servers or workstations for this |purpose if you are budget-less (to purchase new servers)? In |this case, I am referring to orgs with 20-200 AD users. | |How about GC's and other related AD roles and critical |software based services? Same deal? | |Thank you, | |...D |List info : http://www.activedir.org/List.aspx |List FAQ: http://www.activedir.org/ListFAQ.aspx |List archive: |http://www.mail-archive.com/activedir%40mail.activedir.org/ | List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/