SAMIT: Do You Need Two AD Domain Controllers?

StorageNinja

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

Hey look, as soon as we say AD is easy, someone posts on SW that they screwed up their little AD install, again. We get these like once a week, maybe every two weeks. For SMBs, even what should be a trivially easy single server AD install is regularly a major problem. Just picking a domain name is beyond the common skill level. People don't get tripped up by advanced AD techniques, they are regularly stumped by just the most basic install process.

If you can't figure out that you should use a domain you own, you shouldn't be setting up a cloud SSO deployment either...

scottalanmiller

@storageninja said in Do You Need Two AD Domain Controllers? SAMIT Video:

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

Hey look, as soon as we say AD is easy, someone posts on SW that they screwed up their little AD install, again. We get these like once a week, maybe every two weeks. For SMBs, even what should be a trivially easy single server AD install is regularly a major problem. Just picking a domain name is beyond the common skill level. People don't get tripped up by advanced AD techniques, they are regularly stumped by just the most basic install process.

If you can't figure out that you should use a domain you own, you shouldn't be setting up a cloud SSO deployment either...

Agreed. Wouldn't suggest that either.

Reid Cooper

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

@storageninja said in Do You Need Two AD Domain Controllers? SAMIT Video:

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

Hey look, as soon as we say AD is easy, someone posts on SW that they screwed up their little AD install, again. We get these like once a week, maybe every two weeks. For SMBs, even what should be a trivially easy single server AD install is regularly a major problem. Just picking a domain name is beyond the common skill level. People don't get tripped up by advanced AD techniques, they are regularly stumped by just the most basic install process.

If you can't figure out that you should use a domain you own, you shouldn't be setting up a cloud SSO deployment either...

Agreed. Wouldn't suggest that either.

KISS. If you don't need complexity, don't introduce it.

dave247

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

@black3dynamite said in Do You Need Two AD Domain Controllers? SAMIT Video:

All these best practices seems to be carried over from the days of physical servers.

The need for two didn't exist then, either. It's never been a best practice, always a complete misunderstanding of HA at best, a sales tactic at worst.

I haven't watched your video yet but I've heard a lot of people (non-sales) say having only one DC is a good way to get fired.

bigbear

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

@black3dynamite said in Do You Need Two AD Domain Controllers? SAMIT Video:

All these best practices seems to be carried over from the days of physical servers.

The need for two didn't exist then, either. It's never been a best practice, always a complete misunderstanding of HA at best, a sales tactic at worst.

I haven't watched your video yet but I've heard a lot of people (non-sales) say having only one DC is a good way to get fired.

Probably if you have a boss that knows about domain controllers and best practices, you are big enough to be following Microsoft "best practices"

And besides... RDSH in the cloud or bust

dave247

@bigbear said in Do You Need Two AD Domain Controllers? SAMIT Video:

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

@black3dynamite said in Do You Need Two AD Domain Controllers? SAMIT Video:

All these best practices seems to be carried over from the days of physical servers.

The need for two didn't exist then, either. It's never been a best practice, always a complete misunderstanding of HA at best, a sales tactic at worst.

And besides... RDSH in the cloud or bust

I don't understand what you mean here..

scottalanmiller

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

@black3dynamite said in Do You Need Two AD Domain Controllers? SAMIT Video:

All these best practices seems to be carried over from the days of physical servers.

The need for two didn't exist then, either. It's never been a best practice, always a complete misunderstanding of HA at best, a sales tactic at worst.

I haven't watched your video yet but I've heard a lot of people (non-sales) say having only one DC is a good way to get fired.

Yup..... sales people would say that.

bigbear

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

@bigbear said in Do You Need Two AD Domain Controllers? SAMIT Video:

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

@black3dynamite said in Do You Need Two AD Domain Controllers? SAMIT Video:

All these best practices seems to be carried over from the days of physical servers.

The need for two didn't exist then, either. It's never been a best practice, always a complete misunderstanding of HA at best, a sales tactic at worst.

And besides... RDSH in the cloud or bust

I don't understand what you mean here..

I am a big fan of Remote Desktop Session Host on Server 2016, Microsoft officially supports DC on the same box. For $80/month on Vultr plus $16/month for Server 2016 license, and about $100/user one time license fee... you can support 15 to 20 users.

The "or bust" part is that I really wouldnt be interested in doing IT any other way.

dave247

@bigbear said in Do You Need Two AD Domain Controllers? SAMIT Video:

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

@bigbear said in Do You Need Two AD Domain Controllers? SAMIT Video:

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

@black3dynamite said in Do You Need Two AD Domain Controllers? SAMIT Video:

All these best practices seems to be carried over from the days of physical servers.

The need for two didn't exist then, either. It's never been a best practice, always a complete misunderstanding of HA at best, a sales tactic at worst.

And besides... RDSH in the cloud or bust

I don't understand what you mean here..

I am a big fan of Remote Desktop Session Host on Server 2016, Microsoft officially supports DC on the same box. For $80/month on Vultr plus $16/month for Server 2016 license, and about $100/user one time license fee... you can support 15 to 20 users.

The "or bust" part is that I really wouldnt be interested in doing IT any other way.

oh you mean you have a hosted 2016 RDS server/DC? That's pretty cool... I currently have on-site terminal servers but they are 2008 R2 Enterprise and I have a separate server for the connection broker (I hate this setup). I have been meaning to take a look at going to a 2016 RDS setup but haven't had the chance to dig in as I am a freaking "IT generalist" where I work.

bigbear

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

@bigbear said in Do You Need Two AD Domain Controllers? SAMIT Video:

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

@bigbear said in Do You Need Two AD Domain Controllers? SAMIT Video:

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

@black3dynamite said in Do You Need Two AD Domain Controllers? SAMIT Video:

All these best practices seems to be carried over from the days of physical servers.

The need for two didn't exist then, either. It's never been a best practice, always a complete misunderstanding of HA at best, a sales tactic at worst.

And besides... RDSH in the cloud or bust

I don't understand what you mean here..

I am a big fan of Remote Desktop Session Host on Server 2016, Microsoft officially supports DC on the same box. For $80/month on Vultr plus $16/month for Server 2016 license, and about $100/user one time license fee... you can support 15 to 20 users.

The "or bust" part is that I really wouldnt be interested in doing IT any other way.

oh you mean you have a hosted 2016 RDS server/DC? That's pretty cool... I currently have on-site terminal servers but they are 2008 R2 Enterprise and I have a separate server for the connection broker (I hate this setup). I have been meaning to take a look at going to a 2016 RDS setup but haven't had the chance to dig in as I am a freaking "IT generalist" where I work.

You will be presently surprised. The performance is amazing, you really cant even tell you are in a session anymore.

scottalanmiller

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

.... haven't had the chance to dig in as I am a freaking "IT generalist" where I work.

Youtube Video

I have a video for everything these days.

dave247

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

.... haven't had the chance to dig in as I am a freaking "IT generalist" where I work.

Youtube Video

I have a video for everything these days.

yep I just watched that one.. guess I can't call myself a Systems Administrator anymore (jk I totally am)