SBS as PDC and a NT server as BDC in same domain, possible?

[Fredrik Bodin]

Hi

I am thinking of using a SBS primary domain controller with NT servers
acting as backup domain controllers for my small
WAN Offices (ISDN connections to the SBS server). Is it possible ? I am also
intrested if you can do the samething with Back Office server 4.5

--
Fredrik Bodin
Midware Information AB
System Development

[Tom Lowry]

Yes it is possible but most people choose not to in a typical SBS
environment because all of the files and services are on the SBS server
anyway.

In a WAN environment, however, it may make sense if you are using local file
shares that could and should be accessible in the event of an SBS failure.

Tom

Fredrik Bodin <Fredri...@Midware.se> wrote in message
news:SjIG3.582$tQ4....@dummy.bahnhof.se...

[Jeff Middleton]

Hi Fredrik, Tom:

As Tom says, your is one of the few cases where a BDC with SBS can make
sense, to a degree. If you have read the technote on BDC with SBS and know
that it has minimal value for recovery of the SBS domain, then you know that
BDC really just provides logon services, that's about it.

To expand on the concept a bit. If the BDC does not provide any of the
shared SBS applications, but the SBS is intended to be used for common file
access as well as email handling, web browsing, faxing etc., then when
either the WAN or the SBS goes down, you have substantially degraded
workgroup functionality already.

The BDC locally would allow you to maintain a rapid logon to the network,
but it the common files are all kept on the SBS, then you are still
essentially down. If your thought is to use the BDC also as a local
fileserver, then you have a little subnet server as well as BDC. This
allows logon and file service, but still looses the common applications.
Unfortunately, since the BDC really can't ever be promoted to SBS, this is
just a temporary problem and fix to keep logons quick and local files, but
there is another cost. To have this BDC, you need NT Server and you need NT
Server CALs for all the stations in the network accessing this server. If
you have more than one remote office, you will be buying many NT servers and
essentially duplicating licenses for NT Server CALs for all of the users of
SBS CALs. Next, if these really are fileservers and BDCs, you will likely
want to run tape backup of the files as well. You will either be buying
lots of tape backup drives, or will now be in a multi-server environment
needing some expensive 3rd party software to do remote backup of servers.

I did not mention above the other reason for having a BDC above is to
provide Master Browser service for that segment, in turn providing the
potential for domain-wide browser service to allow end-to-end view of all
computers. This really doesn't require a BDC, it's just that the BDC will
almost certainly be elected Master Browser in that segment unless you made
adjustments to prevent this.

These are the significant issues you have for expense above and limited
benefit.

If I may, let me suggest a different route.

I would suggest just placing an NT Workstation at the remote location, not
NT Server. You could still place files on that computer, protect them with
full NTFS security and logon restrictions, leave the console login locked if
that's an issue, and just pretend that it is a server. How does this solve
your problem?

Since BDC for SBS doesn't do anything in the long run but provide logins,
you really have no disaster recovery benefit for the BDC, but it is an
expense just to get rapid login. Even if you have the SBS down, you can
always continue to log in on local machines (Win9x, WinNT, even WinNT Server
member) with the caches logins from previous sessions. Since you can't
access the SBS anyway, you only pay the penalty of your login taking an
extra 15 secs. Next, the NT Workstation still give the local file access,
but does not require any special CALs for file access or for remote tape
backup access. You are limited to 10 simultaneous logins on the NTW, but
this should not be a problem in a small remote office. The NTW will become
(or can be made to become) Master Browser and provide the browsing info you
want to pass through the WAN to the SBS. This really is a fairly neat
solution with essentially no extra expense for small WAN office.

As for the login caching, my experience is that most remote offices may not
need to have constant login and logout. If the SBS is down, no one will be
checking their mail, and if the WAN is down, there aren't any remote files
to secure, only the files, if any in the local room which is not likely to
have the same security issues anyway....therefore, just leave the computers
logged on and you have no logon delay!

I offer all of this as a practical approach. These may not be all of the
issue you could consider, but this is likely to either inspire to ignore my
advice or take it. If you have questions, post em back!

Tom Lowry <tdlow...@yahoo.com> wrote in message
news:hOIG3.27765$I6.4...@typ12.nn.bcandid.com...

[Jeff Middleton]

Thanks, Robert.

Always looking to offer a tour of the far horizon. :)

Robert Hancox <rha...@assistex.com> wrote in message
news:ee4YSEqB$GA.296@cppssbbsa04...
> Another benefit of an NT Server BDC is you can run IIS on it. IIS is not
> tied to SBS like Exchange or SQL. So if you're hosting your own web site,
> it's a service you can offload from the SBS. I know most small businesses
> won't be hosting their own web site, due to connection types, etc, but
this
> approach is still possible.
>
> Rob
>
> Jeff: very good feedback, by the way. Nicely done!
>
> Jeff Middleton <cfo...@compuserve.com> wrote in message
> news:#kKIxxoB$GA.229@cppssbbsa05...

[Robert Hancox]

Another benefit of an NT Server BDC is you can run IIS on it. IIS is not
tied to SBS like Exchange or SQL. So if you're hosting your own web site,
it's a service you can offload from the SBS. I know most small businesses
won't be hosting their own web site, due to connection types, etc, but this
approach is still possible.

Rob

Jeff: very good feedback, by the way. Nicely done!

Jeff Middleton <cfo...@compuserve.com> wrote in message
news:#kKIxxoB$GA.229@cppssbbsa05...

[PowerUser]

If it is possible to run IIS on a NT BDC in a SBS network, then is it
possible to run RAS ??

Jeff Middleton <cfo...@compuserve.com> wrote in message

news:Ofw46HqB$GA.249@cppssbbsa05...

[Jeff Middleton]

Sure, there's nothing that would prevent it. All of the discussion about
the uselessness of BDC apply which I presume you have digested and still
need the BDC. The IIS is just another website. However, if you are talking
about an Intranet Website, I just had a discussion with a customer about
this and we were had pressed to figure out what he would want to do that
wouldn't be more efficiently to evolve in Exchange Public Folders. I really
would need to be visual information to make the case unless you just have a
need that parallel HTML development or the transparent links to the Internet
as well.

As far as RAS is concerned, it's just an internal part of NT that any NT
station (workstation or server) can provide. Routing RAS is a little more
robust on Server than on Workstation, but it is even possible to establish a
WAN between different sites using RAS and NTW! You must stay with static
routes, and you have the potential for login limitations (10 users max)
depending upon how this is setup. Generally, in a small office environment
this would be ignored, and in a large office you would go with a Server or
standalone router for elegance and reliability, but RAS is RAS in any case.

Personally, I would just as soon have RAS connections on a server other than
the SBS when I don't have pressing reasons to keep it on the SBS for
security reasons. Anything I can do to make SBS less the single point of
failure and reboot the better.

PowerUser <n...@NOSPAMpowerusers.com> wrote in message
news:37ec5...@news1.one.net...