slide1
Download
Skip this Video
Download Presentation
Chapter 7: Service Sizing and Placement

Loading in 2 Seconds...

play fullscreen
1 / 42

Chapter 7: Service Sizing and Placement - PowerPoint PPT Presentation


  • 105 Views
  • Uploaded on

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure. Chapter 7: Service Sizing and Placement. Exam Objectives. 4.2 Design an Active Directory implementation plan 4.3 Specify the server specifications to meet system requirements

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Chapter 7: Service Sizing and Placement' - hastin


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

Chapter 7:

Service Sizing and Placement

exam objectives
Exam Objectives
  • 4.2 Design an Active Directory implementation plan
  • 4.3 Specify the server specifications to meet system requirements
  • 4.2.1 Design the placement of domain controllers and global catalog servers
  • 4.1 Design a DNS service placement

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

exam objectives continued
Exam Objectives (continued)
  • 4.2.3 Select the domain controller creation process
  • 4.2.2 Plan the placement of flexible operations master roles

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

the planning phase
The Planning Phase
  • Factors that contribute to the need for a service placement strategy:
    • Unreliable WAN links
    • Nonredundant WAN links
    • Expensive, overused WAN links
    • Physically insecure locations
    • IT hardware budgets

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

logon time
Logon Time
  • When designing service placement, time to start up is affected by:
    • Complexity of startup and logon scripts
    • Number of group policies processed for the computer and user
    • Network speed from client to DC, DNS server, and GC

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

active directory infrastructure required for self sufficiency
Active Directory Infrastructure Required for Self-Sufficiency

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

security
Security
  • Domain controllers (DCs)
    • House the Active Directory database
  • Active Directory database
    • Used to store sensitive information
  • Of paramount importance
    • Security of database and DCs housing it

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

location security points system
Location Security Points System

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

replication overhead
Replication Overhead
  • For every DC deployed
    • Associated replication traffic overhead exists
  • Important
    • The testing and measurement of additional network services
  • Decision to be made
    • Whether logon times should be optimized or replication traffic minimized

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

active directory aware applications
Active Directory-Aware Applications
  • Active Directory:
    • A database used to store objects that exist within the organization
    • Can also store data relating to applications
    • Access to stored data can dictate where DCs are located

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

user populations
User Populations
  • Role of designer of an Active Directory infrastructure deployment:
    • Document each location and the number of users at that location
    • Assess the type of users at each location
    • Determine if users require Active Directory authentication even in the event of a WAN failure
    • Create user population bandings
    • Deploy the appropriate Active Directory infrastructure components

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

the implementation plan
The Implementation Plan
  • Designing service placement should:
    • Introduce a degree of subjectivity
    • Remove ambiguity where possible
  • Develop an algorithm that:
    • Decides which locations should receive infrastructure components
    • Justifies the need for the infrastructure from budgetary, operational, and political points of view

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

weighted points assignment for user populations
Weighted Points Assignment for User Populations

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

weighted points assignment for location bandwidth
Weighted Points Assignment for Location Bandwidth

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

weighted points assignment for service levels
Weighted Points Assignment for Service Levels

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

weighted points assignment for spoke sites supported
Weighted Points Assignment for Spoke Sites Supported

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

sizing and availability
Sizing and Availability
  • Windows Server 2003 Active Directory supports four different partitions:
    • Schema
    • Configuration
    • Domain
    • Application Directory partitions

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

sizing domain partitions
Sizing Domain Partitions
  • Size of domain partition in GB = (number of users in domain / 1000) * 0.4
  • Above expression allows administrators and architects to estimate the size of the database before deployment

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

domain partition size versus number of users in the domain
Domain Partition Size versus Number of Users in the Domain

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

application directory partitions
Application Directory Partitions
  • Can be used to store data pertinent to a particular application
  • Stored data can be replicated to any subset of DCs in the forest deemed appropriate
  • Discrete partitions within the database

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

domain controller sizing and specification
Domain Controller Sizing and Specification
  • Recommendations for disk configuration and disk space requirements:
    • For DCs accessed by fewer than 1000 users, all four can be collocated on the same RAID 1 array
    • For DCs accessed by more than 1000 users, place logs and database on separate RAID arrays
    • Place SYSVOL and the database on the same RAID array

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

windows server 2003 minimum system requirements
Windows Server 2003 Minimum System Requirements

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

recommended domain controller disk configurations
Recommended Domain Controller Disk Configurations

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

disk space requirements
Disk Space Requirements
  • Database
    • Allow for 0.4Gb per 1000 users
  • Logs
    • Allow at least 500MB free space
  • SYSVOL
    • Allow at least 500MB free space
  • Operating System
    • Allow at least 1.5GB free space

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

recommended domain controller cpu and memory requirements
Recommended Domain Controller CPU and Memory Requirements

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

placement considerations
Placement Considerations
  • Windows Server 2003 Deployment Resource Kit
    • Covers DC, GC, FSMO, and DNS service placement and suggests algorithms for each
  • Figure 7.3
    • Focuses on remote administration, physical security, and WAN availability and performance

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

placement considerations continued
Placement Considerations (continued)

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

microsoft recommended number of domain controllers per site
Microsoft Recommended Number of Domain Controllers Per Site

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

the promotion strategy
The Promotion Strategy
  • Split into two stages:
    • First stage deals with a review of the server’s configuration
    • Second stage is the actual promotion

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

manual promotion
Manual Promotion
  • Most popular approach to promoting servers to become DCs
  • Offers the administrator complete control over the promotion phase
  • Involves the installation of a Windows Server 2003 member server

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

automated promotion
Automated Promotion
  • Promoting a member server to a DC
    • Can be automated using a dcpromo answer file
  • Dcpromo
    • Can be executed in the following way
      • dcpromo /answer

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

global catalog server sizing and specification
Global Catalog Server Sizing and Specification
  • Space requirements for GC servers
  • Active Directory-aware applications
    • Most important factor when choosing GC placement

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

global catalog server sizing and specification continued
Global Catalog Server Sizing and Specification (continued)

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

global catalog server sizing and specification continued1
Global Catalog Server Sizing and Specification (continued)

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

dns servers
DNS Servers
  • Flexible Single Master Operations Roles:
    • There are five FSMO roles in all
      • Two per forest and three per domain
    • In a forest with five domains
      • There will be 2 (forest) and 5 * 3 (domain) FSMO roles for a grand total of 17

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

domain naming master
Domain Naming Master
  • Active Directory forest:
    • May contain many domains
    • Each domain must have a unique fully qualified domain name (FQDN)
  • Role must be assigned to precisely one DC in the forest
  • Responsible for maintaining the authoritative list of domains in the forest

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

schema master
Schema Master
  • Schema:
    • Exists as a partition within Active Directory
    • Is replicated as a read-only partition to every DC in the forest
  • DC that houses Schema Master (SM) FSMO role
    • The only DC in forest that can have schema amendments made to its copy of the Schema partition

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

rid master
RID Master
  • When a new security principal is created
    • It is assigned a unique Security ID (SID)
  • SID is comprised of two parts:
    • A domain SID
    • A relative ID, or RID
  • RID Master FSMO role
    • Ensures that different DCs never allocate the same RID to different objects

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

failover and recovery
Failover and Recovery
  • Role Transfer
    • Preferred method of moving FSMO roles from one DC to another
  • Role Seizure
    • Role should be seized only if current holder cannot be contacted to transfer the role in a graceful manner
  • Standby Servers
    • Facilitates failover

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

fsmo role transfer and seizure best practices
FSMO Role Transfer and Seizure Best Practices

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

summary
Summary
  • Identify locations that require self-sufficiency
  • Identify Active Directory-aware applications and their requirements
  • Assess your organization’s user populations
  • Create an algorithm to assign service components
  • Create an implementation plan

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

summary continued
Summary (continued)
  • Carefully forecast the size of the Active Directory database
  • Choose:
    • Appropriate hardware specification for DCs, GC servers, and DNS servers
    • Appropriate locations for FSMO roles and plan for FSMO role holder failures
  • Understand rules and ramifications of seizing and transferring FSMO roles

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

ad