| Author | Messages | |
bdesmond
Posts:813
 | | 09/08/2008 4:41 PM |
| RODCs can be GCs so no delta to the recommendation with this scenario.
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Tony Gordon
Sent: Wednesday, September 03, 2008 1:12 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] When does it become bad practice.... ALL DCs are GCs
How does introducing RODC into the mix changes the landscape? Since RODC cannot be a GC, early suggestions were to dedicate a WDC as an non-GC DC and place IM there. Is it still the case?
Thank you, Tony.
[cid:image001.gif@01C90DD3.D3B031D0]
Tony Gordon
Windows 2003 & 2000 MCSE, Windows 2003 MCSA, PMP
ITS Infrastructure Engineering
Hewitt Associates | 100 Half Day Road | Lincolnshire, IL 60069 | USA
Tel 847.295.5000 x50526 | Fax 847.554.1574
tony dot gordon at hewitt dot com | www.hewitt.com
From:
"Dmitri Gavrilov" <dmitrig@microsoft.com>
To:
"ActiveDir@mail.activedir.org" <ActiveDir@mail.activedir.org>
Date:
08/31/2008 02:12 AM
Subject:
RE: [ActiveDir] When does it become bad practice.... ALL DCs are GCs
________________________________
FWIW, after some (not at all heated) discussions, we made GC the default option in w2k8 dcpromo. So, we think that should work for most people.
Downsides: not many. Besides increased replication traffic (as noted below), one other observation is that infrastructure master has no place when everybody is a GC (IM requires a non-GC machine to do its job). But that's ok, because it does not need to do anything when everybody is a GC  .
Another observation: while replication traffic increases when all DCs are GCs, authentication traffic decreases, because all group membership evaluations are done locally.
Dmitri
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Brian Desmond
Sent: Saturday, August 30, 2008 3:52 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] When does it become bad practice.... ALL DCs are GCs
Usually it's easier to just make them all GCs. The problem comes in when you have really slow WAN links that just can't support the replication. By really slow I mean like measured in multiples of 64K and not a very big multiple.
Why have you got 4 domains for an environment that small?
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Rand Salazar
Sent: Saturday, August 30, 2008 9:00 AM
To: Active Dir
Subject: [ActiveDir] When does it become bad practice.... ALL DCs are GCs
In the past when there were 3-5 DCs, with 2 domains spread over 2 sites, we threw caution in the wind and made all DCs GCs.... but now as we grow, 20-25+ DCs with 4 domains spread over 10 sites, can we continue the same practice?
At what point does making all domain controllers global catalogs become a bad thing. I've read all sorts of advice where this is good and bad, and where the IM role should not be a GC unless all of them are. All that has left me confused. Thus, I am curious to know.. what does the ActiveDir community think?
Thanks in advance.
________________________________
The information contained in this e-mail and any accompanying documents may contain information that is confidential or otherwise protected from disclosure. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message, including any attachments. Any dissemination, distribution or other use of the contents of this message by anyone other than the intended recipient is strictly prohibited. All messages sent to and from this e-mail address may be monitored as permitted by applicable law and regulations to ensure compliance with our internal policies and to protect our business. E-mails are not secure and cannot be guaranteed to be error free as they can be intercepted, amended, lost or destroyed, or contain viruses. You are deemed to have accepted these risks if you communicate with us by e-mail.
| | | |
|
|