Need advice regarding Window Server 2008 Roles and Abilities RRS feed

  • Question

  • Hello,

    I work for an organization of approximately 150 staff that does not have any Microsoft Servers at the moment. Currently everything we do is run off Linux servers and open source applications. I attended MS TechDays a few months ago and came out of it with a great appreciated for what we could be doing to optimize our processes, and it has been requested by upper management that I provide a document showing what we are currently doing versus what we could be doing. The problem I have is that most of my questions seem to basic to find an answer for, as everything I am reading from the MS websites and elsewhere seem to assume you already have knowledge of their systems.

    The main recommendations I would like to make are:

    1. An Active Directory for central management of group policys.

    2. Mass deployment of "approved" MS Windows and MS Office Updates, as well as third party application updates such as Adobe Reader, Adobe Flash, etc...

    3. Mass deployment of custom windows operating system images to new workstations received from our supplier.

    4. The ability to remotely connect to an end users desktop to provide support.


    I believe that I have number 3 figured out... it would require installing the Windows Deployment Services Role. However, can this role be installed on the same server that is running the AD, or would it be better to have a second instance of Windows Server 2008 R2 dedicated solely to deployment services?

    As for #1, 2, and 4 - Are these all basic features of an Active Directory or do they require additional roles to be installed?

    Any and all advice would be greatly appreciated.


    Saturday, February 12, 2011 12:25 AM


  • Hi Antonio

    Number 1 when you add the Active Directory role in windows server you also get group policy although if you want you can install group policy management console which makes it much much easier to work with group policy. A ctive Directory is a role in itself which has to be installed once you have installed windows server. The GUIs/Wizards will guide you through most of the processes when adding roles and its quite simple to set up

    Number 2 is an application that you have to install separately called Windows Server Update Services. The installation package can be found on the Microsoft Website as well as information on how to set it up, its all just about clicking next with Microsofts GUI's :) This app will save you a whole lotta bandwith and will ensure all your computers are up to date and you can manage updates for al your machines from on server.

    Number 4 Remote Desktop: comes with i think all windows Operating Systems though when you have an Active Directory you might need to create permissions on who can view who's desktop and how sessions are handled and client settings for RDP which can be changed and managed via Group Policy

    As for your first question on Windows Deployment Services.. i normally prefer keepin AD's, DNS servers and other operations critical servers without too much work or too many roles installed.. the role can be installed on an AD whether it is recommended or not by Microsoft i think the website will explain or the MS Moderator can help you out on that one.. :)

    Hope this helps you out :)

    • Marked as answer by Kevin Remde Monday, February 28, 2011 12:51 PM
    Monday, February 14, 2011 10:52 PM