I need some advice on setting up a domain. I have 7 hp dl380g4p servers. Each server has a copy of server 2008 r2 standard except one has web server 2008. I am trying to figure out the best way to setup my network. Here is my idea. server 1 is the DC, AD, and file server Server 2 host the program we run Server 3 has file duplication of the program data files and can be ready to run if server 2 fails Server 4 run exchange server and host email and calendars Server 5 host website we then have 2 spare servers for parts or replacements...Is this the best way to do this? Also on the server that host the website should I use webserver or standard 2008 to do that? Thanks in advance, John

Looks good but I probably wouldn't put the file server role on DC. Also may want one of the spares as a second DC for failover protection. I'd ask them here about the web server. http://forums.iis.net/ Regards, Dave Patrick .... Microsoft Certified Professional Microsoft MVP [Windows]

Ok I'll move the file server off the DC. So if I make server #6 a backup DC and enable GC how would it work if the primary DC goes down? Would users still be able to sign into their accounts or would the second server take over that role without any changing of settings?

Yes it should work that way. Some good reading here. http://technet.microsoft.com/en-us/library/cc753720(WS.10).aspx http://social.technet.microsoft.com/Forums/hu/winserverNIS/thread/028e6963-5cad-412e-adfb-ff8542f66243 http://www.petri.co.il/forums/showthread.php?t=32538 Regards, Dave Patrick .... Microsoft Certified Professional Microsoft MVP [Windows]

Hi, Personally I would do the following: Server1 - DC, AD, File Server and Exchange Server 2 - Host Programme Server 3 - Backup Server For Programme (Set up a DNS entry for your software on Server 2, where the primary IP is Server 1 and the Secondary IP is Server 2 - This is assuming Synchonous replication is in place) Server 4 - Backup for Server 1 - DC, AD, File Server and Exchange in the event of failure (Again set up DNS for AD1 and AD2 for smooth failover with same assumptions) Server 5 - Web box (Put this on its own VLAN or DMZ to ensure maximum network security for your company. Best use Webserver if your needs are windows based OR if unix and Windows based, set up Server 2008 and install HyperV to run 2 VM's one with linux/unix based web server and one Windows based web server. Hope it works out! Martin If you find my information useful, please rate it. :-)

FYI its recommended to install exchange on a member server only. Regards, Dave Patrick .... Microsoft Certified Professional Microsoft MVP [Windows]

Dave, Thank you for all the tips and in site. Lets say server 1 does fail and I have server 4 set up with dns correctly. (are you saying put primary dns as server 1 and secondary as server 2?) would each server do that on the dns part?

Server1 should act as a Domaiin Controler with acrive directory dns integrated without files server. another 2 spare server which you are talking about should have Server A An additional Domain Controller Server B can act a file server all Alone. The server which you want to host the website should use Windows 2008 r2 webserver which is much secure to host websites. http://www.virmansec.com/blogs/skhairuddin

your right except do the specifica changes as mentioned below Server1 should act as a Domaiin Controler with acrive directory dns integrated without files server. another 2 spare server which you are talking about should have Server A An additional Domain Controller Server B can act a file server all Alone. The server which you want to host the website should use Windows 2008 r2 webserver which is much secure to host websites. http://www.virmansec.com/blogs/skhairuddin

Yes, that's the way to do it. Install AD integrated DNS service on both DC's http://technet.microsoft.com/en-us/library/cc816885(WS.10).aspx Regards, Dave Patrick .... Microsoft Certified Professional Microsoft MVP [Windows]

Server 1 PDC with acrive directory dns integrated Server 2 ADC with acrive directory dns integrated and GC (PDC = ADC except FSMO role http://support.microsoft.com/kb/324801) Server 3 host the program you run Server 4 has file duplication of Server 3 Server 5 File Server Server 6 Exchange Server Server 7 Host Website Mohamed Abd Elhamid Abd Elaziz Microsoft System Administrator My blog: http://Mabdelhamid.wordpress.com/

Above all these suggestions, I recommend you check these infrastructure planning & design documents. Hope this will help you. Thanks

Server 1 PDC with acrive directory dns integrated Server 2 ADC with acrive directory dns integrated and GC (PDC = ADC except FSMO role http://support.microsoft.com/kb/324801) Server 3 host the program you run Server 4 has file duplication of Server 3 Server 5 File Server Server 6 Exchange Server Server 7 Host Website Mohamed Abd Elhamid Abd Elaziz Microsoft System Administrator My blog: http://Mabdelhamid.wordpress.com/

Let's say I go with M.Abdelhamid's suggestion, on Server 7 would I want to put that on a seperate VLan? If so would you still make it a member of the domain? Also how would profiles work? I don't want to create roaming profiles. I would prefer to just create a share drive on the file server and also each user can store files on their user account via a User drive. Would you keep the user drive on server 1? and if so would you just use file duplication to create that onto server 2? or would GC do that for you? Is there a way to make each workstation have mapped drives and program short cuts (example.exe) icons on the desktop without having to do that for each user? I want each user to have a shortcut on the desktop to run our program on server 1 and server 2 (incase server1 is down) and also to have a mapped drive for Users and for Share. Thanks again for all the help!

on Server 7 would I want to put that on a seperate VLan? If so would you still make it a member of the domain? Try thes links to BEST PRACTICES IN MANAGING WORLD WIDE WEB SERVER SECURITY http://www.boran.com/security/webserver_practices.html http://www.pcmag.com/article2/0,2817,11525,00.asp Also how would profiles work? I don't want to create roaming profiles. I would prefer to just create a share drive on the file server and also each user can store files on their user account via a User drive. You can used Folder rediraction for save profile in file server follow these links http://technet.microsoft.com/en-us/library/cc732275.aspx http://www.windowsnetworking.com/articles_tutorials/profile-folder-redirection-windows-server-2003.html Would you keep the user drive on server 1? and if so would you just use file duplication to create that onto server 2? or would GC do that for you? You would not keep it in server 1 DC is DC no more this is best practice (DC DNS GC ) Is there a way to make each workstation have mapped drives and program short cuts (example.exe) icons on the desktop without having to do that for each user? I want each user to have a shortcut on the desktop to run our program on server 1 and server 2 (incase server1 is down) and also to have a mapped drive for Users and for Share. follow this link to configure and deploy shortcut by Group Policy http://technet.microsoft.com/en-us/library/cc753580.aspx follow this link to configure Map Driver by Group Policy http://technet.microsoft.com/en-us/library/cc770902.aspx I wait you reply. i hope these links solve your problem Mohamed Abd Elhamid Abd Elaziz Microsoft System Administrator My blog: http://Mabdelhamid.wordpress.com/

on Server 7 would I want to put that on a seperate VLan? If so would you still make it a member of the domain? Try thes links to BEST PRACTICES IN MANAGING WORLD WIDE WEB SERVER SECURITY http://www.boran.com/security/webserver_practices.html http://www.pcmag.com/article2/0,2817,11525,00.asp Also how would profiles work? I don't want to create roaming profiles. I would prefer to just create a share drive on the file server and also each user can store files on their user account via a User drive. You can used Folder rediraction for save profile in file server follow these links http://technet.microsoft.com/en-us/library/cc732275.aspx http://www.windowsnetworking.com/articles_tutorials/profile-folder-redirection-windows-server-2003.html Would you keep the user drive on server 1? and if so would you just use file duplication to create that onto server 2? or would GC do that for you? You would not keep it in server 1 DC is DC no more this is best practice (DC DNS GC ) Is there a way to make each workstation have mapped drives and program short cuts (example.exe) icons on the desktop without having to do that for each user? I want each user to have a shortcut on the desktop to run our program on server 1 and server 2 (incase server1 is down) and also to have a mapped drive for Users and for Share. follow this link to configure and deploy shortcut by Group Policy http://technet.microsoft.com/en-us/library/cc753580.aspx follow this link to configure Map Driver by Group Policy http://technet.microsoft.com/en-us/library/cc770902.aspx I wait you reply. i hope these links solve your problem Mohamed Abd Elhamid Abd Elaziz Microsoft System Administrator My blog: http://Mabdelhamid.wordpress.com/

Thank you for the links and tips, I will read through these this week. John

Hi John kindly try this links and if your issue is solved. comeback and mark answer post to tell us and anyone what happend and close this post maybe another one need same issue Mohamed Abd Elhamid Abd Elaziz Microsoft System Administrator My blog: http://Mabdelhamid.wordpress.com/

I have followed the link you gave me on setting up a mapped network drive in the group policy, however I am still having troubles. I created a new one and called it "share" I have a hard drive in the server dedicated to a share drive. the location is \\server\share. When I try to find this by browsing I am unable to find anything on my network. So I just manually typed it in. What am I doing wrong? Thanks for the help, John