Windows Server 2008 multiple domain controllers

domain-controller redundancy windows-server-2008

We currently have a domain controller which has the profiles etc. for around 30 users. It is also the local DNS server and file server.

As it's our only Domain Controller, if we ever have to restart the server or it loses network connectivity then no one can log in to the network or access their profiles etc. Because of this I think it would be advantageous to add another Domain Controller. However, I have a few questions:

Firstly, if I add another Server 2008 domain controller and set it as an additional controller, do the two DCs require direct LAN connections? Or is having both connected to the same switch enough?

Secondly, do all of the profile changes (roaming profiles) get mirrored whenever one changes?

Thirdly, as our primary/current DC is running as a file server, can the additional DC mirror the files to make the files available if only the second/new DC is available?

Thanks.

Best Answer

1) No, they do not need a direct LAN connection. They can be configured to have AD/DNS sync across to each other as long as they are on the same network and configured for the same domain(s).

2) Yes, if configured correctly the changes should all be mirrored, though this is usually not an instantaneous process. It can sometimes take several minutes (depending on your environment, size, network latency, etc.) for the changes to replicate to additional AD/DNS servers.

3) Yes, that is a possibility using third-party software, but it may be a decent-sized hassle to accomplish that the way you are looking for. The simplest solution for what it sounds like you want to do may be to utilize Network Attached Storage (NAS) and then configure your two domain controllers to actually be part of a Microsoft Cluster (which Server 2008 can do by default with the correct version). In this type of scenario you can configure the NAS to be shared and the drive will "switch" to the active node. You could also configure AD/DNS servers to "switch" to the active node if there was a failover scenario.
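
Since point 2 says AD/DNS changes take time to reach the other controller, here is one way to check that replication between the two DCs is succeeding and how far behind it is. This is an added example, not part of the original answer; it assumes PowerShell 2.0 or later, and the names DC01, DC02, example.local, the function name and the 60-minute tolerance are placeholders.

```powershell
# Constructed sample of `repadmin /showrepl * /csv` output (not real data).
# repadmin reports on directory (AD) replication only, not on file shares.
$sample = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Default-First-Site-Name,DC01,"DC=example,DC=local",Default-First-Site-Name,DC02,RPC,0,0,2011-03-04 10:15:32,0
showrepl_INFO,Default-First-Site-Name,DC02,"DC=example,DC=local",Default-First-Site-Name,DC01,RPC,3,2011-03-04 10:20:11,2011-03-04 08:02:47,1722
'@

# Hypothetical helper: returns one object per replication link that has
# recorded failures or whose last success is older than the tolerance.
function Get-ReplicationIssue {
    param(
        [string[]]$CsvLine,            # lines of repadmin CSV output
        [datetime]$Now = (Get-Date),   # reference time for the lag check
        [int]$MaxLagMinutes = 60       # assumed tolerance; tune to your site
    )
    foreach ($row in ($CsvLine | ConvertFrom-Csv)) {
        $failures = [int]$row.'Number of Failures'
        $lastOk   = [datetime]::MinValue
        $parsed   = [datetime]::TryParse($row.'Last Success Time', [ref]$lastOk)
        $lagMin   = $null
        if ($parsed) { $lagMin = [int](($Now - $lastOk).TotalMinutes) }

        # Flag the link if it failed, never succeeded, or is lagging.
        if ($failures -gt 0 -or -not $parsed -or $lagMin -gt $MaxLagMinutes) {
            New-Object PSObject -Property @{
                Source      = $row.'Source DSA'
                Destination = $row.'Destination DSA'
                Context     = $row.'Naming Context'
                Failures    = $failures
                LagMinutes  = $lagMin
                LastStatus  = $row.'Last Failure Status'  # 1722 = RPC server unavailable
            }
        }
    }
}

# Run against the constructed sample with a fixed reference time.
$lines = $sample -split "`r?`n"
Get-ReplicationIssue -CsvLine $lines -Now ([datetime]'2011-03-04 10:30:00') |
    Format-Table Source, Destination, Failures, LagMinutes, LastStatus -AutoSize

# On a domain controller, feed it live data instead:
#   Get-ReplicationIssue -CsvLine (repadmin /showrepl * /csv)
```

An empty result means every link has replicated within the tolerance; scheduling the check and alerting on any output catches a stalled second controller before a failover depends on it.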