Server Setup - Opinions?

kiki1579

Hey All,

I'm looking for opinions in the way of my server setup below.

I have 4 W2K8 Ent. Servers, all identical in HW specs. Bottom line, Server 2 is a backup of Server 1 and Server 4 is a backup of Server 3. The tape backups will be on another server /w built tape drives.

My boss wanted me to have "disaster recovery" in mind in case things blow up/die. Keep in mind I have a Print Server, Network Drives, and Anti Virus Server separate from the DC's in case of failure.

Server1
-Primary DC (DNS, Active Directory, Group Policies)

Server2
-Backup DC (DNS, Active Directory, Group Policies)

Server 3
-Primary Print Server
-Primary Network Shares (Replicating via DFS to Server 4 nightly)
-Primary Anti-Virus Server

Server 4
-Backup Print Server
-Backup Network Shares
(I have separate group policies setup/disabled on Server1 in case of failure)

I think it looks alright, maybe it's a bit overkill..not sure. Just trying to keep things separate here. Any thoughts or opinions are welcome.

[Deleted User]

kiki1579 wrote: »

Hey All,

I'm looking for opinions in the way of my server setup below.

I have 4 W2K8 Ent. Servers, all identical in HW specs. Bottom line, Server 2 is a backup of Server 1 and Server 4 is a backup of Server 3. The tape backups will be on another server /w built tape drives.

My boss wanted me to have "disaster recovery" in mind in case things blow up/die. Keep in mind I have a Print Server, Network Drives, and Anti Virus Server separate from the DC's in case of failure.

Server1
-Primary DC (DNS, Active Directory, Group Policies)

Server2
-Backup DC (DNS, Active Directory, Group Policies)

Server 3
-Primary Print Server
-Primary Network Shares (Replicating via DFS to Server 4 nightly)
-Primary Anti-Virus Server

Server 4
-Backup Print Server
-Backup Network Shares
(I have separate group policies setup/disabled on Server1 in case of failure)

I think it looks alright, maybe it's a bit overkill..not sure. Just trying to keep things separate here. Any thoughts or opinions are welcome.

Are you going to incorporate any kind of backup software in this solution? If so, where are you storing the data.. tapes or disk? Just some things you may want to think about if you haven't already.

kiki1579

Yes... basically I have another server that I'm using BackupExec with a built in tape drive. I have about 100 workstations and 30 networked printers that I'm switching from a Novell network to AD. The changeover will happen in sections and not all at once.

Going back to your question, I'm thinking I'll backup Servers 1 thru 3 on tape.

earweed

Question: are these physical servers or virtual? That's a big thing now and after you do your switch you can make an argument for vitualizing these servers to be more "green" and also to enhance your recoverability should a physical server die or something else happens to endanger business continuity. Before proposing virtualization though be sure to do research on what servers are good candidates for virtualization.

Biznatch

What are the specs on the servers and how many clients are they serving? That deffinately seems like a lot of physical servers for a minimal load. Heck my dual 2214 opteron servers could easily run all 4 of those servers at the same time, and that hardware is a couple years old.

If it were me and the hardware was capable, I would trim it down to 2 physical servers, running DC/Print server on one, and the second as the backup DC/PS. Then just use the third comp as a NAS/backup server. Then just use the tape to keep an external backup of the NAS.

it_consultant

Are you planning on using clustered resources? For example, you should cluster the file and print server. Otherwise if the primary fails the failback won't work as expected.

Create and Administer File and Print Server Clusters: Server Clusters (MSCS)

With primary domain controllers - they dont really exist anymore, what you have is one server with the master records (PDC Emulator, Schema master,etc), if that goes down everything goes with it. On your secondary DC you will have to do a role seizure, which is quick and dirty but it does not happen automatically.

Sorry if this is all review, I just wanted to make sure you avoid pitfalls I have seen in supposedly redundant networks I have consulted on in the past.

crrussell3

You say your file servers are replicating via DFS. Are your users also accessing said file shares via DFS? Or do they target a server specifically. I would recommend using dfs paths if you aren't already.

Otherwise, some of what the others have mentioned are good points to consider (virtualization, clustering, etc). But in the end, it all comes down to the one question that only you can answer:

What is the acceptable amount of downtime you can have?

Once you answer that, you will know if having duplicate servers is the answer, <24 hr warrenty/service calls from manufacturer, etc.

Devilsbane

kiki1579 wrote: »

I think it looks alright, maybe it's a bit overkill..not sure. Just trying to keep things separate here. Any thoughts or opinions are welcome.

I don't think it looks overkill. You definitely want the 2 DCs, and you are right that you don't want to pile your network shares or print servers on them.

So at least 3 is needed, and you went 4 by doubling that 3rd server. Then you also mentioned a 5th server for the backup tapes. Sounds like a strong basic network, but how many users are you supporting?

kiki1579

earweed: Would love to do a virtual environment, but that's a no go at this time.

Biznatch: Sure I could do it all on 2 servers, and have the backup on a 3rd server. And yeah I'm probably spreading this a across more than enough server power. BTW, it's like 4 Dell R410 servers

it_consultant: I wasn't planning on using Server 3 & 4 as a cluster, but that's certainly an option. Plus it would be easier if Server 3 failed, I would have to switch any GPO's over in AD DS on Server 1, which is what I have setup now. However anytime I talk about clustering my boss he dismissed the whole idea.

it_consultant

Bosses always get in the friggin way. Just remember, without something to tie them together, extra servers are just that, extra. They won't do anything until you tell all your clients to look to them for whatever service they need. Without clustering or VM high availability it would make more financial sense to axe server 4 all together.

kiki1579

it_consultant...I got ya. So I thought it over and reworked the setup in case we wanted to cluster/vm in the near future.

Server 1: Primary DC
Server 2: Secondary DC & Print Server
Server 3: Open
Server 4: Open

Backup Server: Holds Network Shares (has Backup Exec /w Tape drive on server)
Backup Server2: Open (has Backup Exec /w Tape drive)

Thanks for the advice!

kiki1579

Devilsbane...yeah it's really not THAT big of a network. I'm lookin at around 100 workstations, and 30 networked printers as of right now. I figured that putting the print server on Server 2/Backup DC for now, and the network shares on the Backup server. The backup server has BackupExec and is backed up daily. Print Servers take no time at all setting back up on another server in case of failure so long as you have an export file.

crrussell3...Yeah I'm using DFS to transfer the network shares over to the appropriate server. I was using it mainly to replicate to another server for backup purposes. It's great if you want to move a large amount of data from one server to another. For now, I'm probably going to remove that feature, since there's no need.

As far as downtime I have the backup server for the network shares and the 2nd backup server I can use to backup the Primary and Secondary DC.