none
Best Practice for building a Windows 2008 Domain Controller

    Question

  • Hi,
     
    Just wondering what other people do regarding AD files on a domain controller?

    for example

    Just store everything on the c: drive - Default

    or something like this.  Store the Active Directory database on a different drive from the operating system
    and store the transaction logs on a different drive too

    C: Operating System
    D: Active Directory Database Files
    E: Transaction logs
    F: Syslog


    Thanks

    Gareth 
    Thursday, September 04, 2008 10:14 AM

Answers

  • Gareth,

    DCs are not *that* performance hungry by default (compared to Exchange or SQL Servers). Since the recommendation is to always have a least two DCs per domain, I don't do much tweaking at the DCs other than sourcing other needed services out to other servers. DCs only serve AD, nothing more.

    Having said that, if you're planning an implementation that needs high throughput or servers a large AD database (with GC and all FSMO roles for a large implementation), you can - of course - put the AD database and the transaction logs to a seperate drive (not only a seperate partition on the same drive!). I wouldn't put the syslog out to another drive, I'd just keep it with the OS. Afaik that eventlogging doesn't consume much disk activity (unless you're excessivly logging access to objects in AD or stuff).

    So from my point of view: seperating the database and log files from the OS is legitimate, but not necessary unless you're planning a large implementation.

    cheers,

    Florian
    Microsoft MVP - Group Policy -- blog: http://www.frickelsoft.net/blog
    Thursday, September 04, 2008 10:40 AM
  • Hi Gareth,

    I would generally use the following partitioning for domain controller. 

     1. HW Raid 1 with two disc and one logical drive
     2. Partition C: only OS
     3. Partition D: \SYSVOL
                         \NTDS
                         \Backup
     4. Partition E: \SYSLOG
                        \Transaction Log
                        \AD-Snapshot

    With this configuration you can easy recovery an DC (Restore by instruction/concept)

    Rgds
    Thursday, September 04, 2008 1:44 PM

All replies

  • Gareth,

    DCs are not *that* performance hungry by default (compared to Exchange or SQL Servers). Since the recommendation is to always have a least two DCs per domain, I don't do much tweaking at the DCs other than sourcing other needed services out to other servers. DCs only serve AD, nothing more.

    Having said that, if you're planning an implementation that needs high throughput or servers a large AD database (with GC and all FSMO roles for a large implementation), you can - of course - put the AD database and the transaction logs to a seperate drive (not only a seperate partition on the same drive!). I wouldn't put the syslog out to another drive, I'd just keep it with the OS. Afaik that eventlogging doesn't consume much disk activity (unless you're excessivly logging access to objects in AD or stuff).

    So from my point of view: seperating the database and log files from the OS is legitimate, but not necessary unless you're planning a large implementation.

    cheers,

    Florian
    Microsoft MVP - Group Policy -- blog: http://www.frickelsoft.net/blog
    Thursday, September 04, 2008 10:40 AM
  • Hi Gareth,

    I would generally use the following partitioning for domain controller. 

     1. HW Raid 1 with two disc and one logical drive
     2. Partition C: only OS
     3. Partition D: \SYSVOL
                         \NTDS
                         \Backup
     4. Partition E: \SYSLOG
                        \Transaction Log
                        \AD-Snapshot

    With this configuration you can easy recovery an DC (Restore by instruction/concept)

    Rgds
    Thursday, September 04, 2008 1:44 PM
  • Thanks for your replies,

    Cheers

    Gareth
    Friday, September 05, 2008 7:35 AM