Domains are the logical Active Directory components used to manage an organization's administrative requirements. The logical structure follows administrative authority and operational requirements, such as the need to control replication. In general, domains control the replication of domain data within the forest, while organizational units further organize network objects into a logical hierarchy and delegate control to the appropriate administrative support personnel.
A domain is essentially a partition of the Active Directory forest. Partitioning the data lets an organization replicate it only where it is needed, so the directory can scale globally or across a network with limited available bandwidth.
Microsoft Active Directory services organize and keep information about the individual objects in the forest and store it in the database hosted by each Domain Controller. A Domain Controller lets system administrators grant or deny users access to system-wide resources, such as printers, documents, folders or network locations, using a single user name and password.
Virtualizing Domain Controllers makes it possible to build a fault-tolerant, highly available environment. To configure Domain Controllers properly, it is recommended to set up at least two of them: if the only DC goes down, network users will not be able to log in to their machines.
Secondly, it is advised to keep the Domain Controllers separate. In a hyperconverged scenario with two nodes, one DC should be set up in a virtual machine on the local storage of the first host, and the second DC VM on a different host or storage. Such a configuration withstands nearly any failure scenario.
Thirdly, it is recommended to back up one of the Domain Controllers. Once virtualized, they can easily be backed up, for example with Veeam Backup & Replication. There is no need to back up every DC, since a single copy of the Active Directory database is sufficient for item-level recovery.
An example of a proper DC configuration is a hyperconverged environment with two nodes, a cluster shared volume built on StarWind functionality, a heartbeat connection and data replication over the synchronization link. In such an environment, one domain controller is set up on the local storage of the first node and the second DC on the other server. In the case of a blackout, only one of the DCs will be down, and the failover cluster becomes visible again after the nodes are booted.
Conversely, it is not recommended to place a DC on a cluster shared volume: with only one Domain Controller, when it goes down the nodes will not be able to connect to the failover cluster. The cluster service needs a reachable DC to authenticate the nodes, but the CSV only becomes available once the cluster is up, so a DC whose disks live on the CSV can never start and the cluster never forms.
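The placement rules above can be checked from each Hyper-V node. The following script is an added example, not code from the original article or from StarWind; it assumes the ActiveDirectory and Hyper-V PowerShell modules are installed, that the DC VM names (DC01 and DC02 are constructed sample names) are known, and that Cluster Shared Volumes are mounted at the default C:\ClusterStorage path.

```powershell
# Added example: audit domain controller placement on a Hyper-V cluster node.
# Assumptions: ActiveDirectory and Hyper-V modules present; run once on every node;
# DC VM names supplied by the caller (DC01/DC02 are constructed sample names).
param(
    [string[]]$DcVmNames = @('DC01', 'DC02')
)
Import-Module ActiveDirectory
Import-Module Hyper-V

# Rule 1: at least two domain controllers must exist, or logons depend on a single DC.
$dcs = @(Get-ADDomainController -Filter *)
if ($dcs.Count -lt 2) {
    Write-Warning "Only $($dcs.Count) domain controller(s) found; a single DC is a single point of failure for logons."
} else {
    Write-Output "Domain controllers found: $($dcs.HostName -join ', ')"
}

# Rule 2: a DC VM must sit on local storage, never on a Cluster Shared Volume,
# because the CSV is only reachable once the cluster (which needs the DC) is up.
$csvRoot = 'C:\ClusterStorage'   # assumption: default CSV mount point
$localDcs = @()
foreach ($name in $DcVmNames) {
    $vm = Get-VM -Name $name -ErrorAction SilentlyContinue
    if (-not $vm) { continue }   # this DC runs on another host and is checked there
    $localDcs += $name
    foreach ($disk in Get-VMHardDiskDrive -VMName $name) {
        if ($disk.Path -like "$csvRoot\*") {
            Write-Warning "$name disk $($disk.Path) is on a CSV; move it to local storage so the DC can start without the cluster."
        } else {
            Write-Output "$name disk $($disk.Path) is on local storage (OK)."
        }
    }
}

# Rule 3: the DC VMs must not share one host, or one host failure takes down both.
if ($localDcs.Count -ge 2) {
    Write-Warning "DC VMs $($localDcs -join ', ') all run on $env:COMPUTERNAME; place them on different hosts."
}
```

Run it on both nodes; a clean result is one DC VM per node, every DC disk outside C:\ClusterStorage, and at least two DCs registered in the domain.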