How many dcs should i have

With only 50 employees the load will not be horribly heavy. Unless you have some application in your environment that generates high kerberos traffic, then technically a single server with Microsoft recommended hardware specs [or VM provisioning] should would just fine. However, you should have at least two domain controllers for redundancy, and preferably one domain controller in each site. With being a smaller organization such as your, I honestly could not think of a good reason to segregate all of your FSMOs.

Place them all together on your most well provisioned and reliable DC. You can use the below guidelines from FSMO placement. Office Office Exchange Server. Not an IT pro? Learn More. Windows Server TechCenter.

Sign in. United States English. Ask a question. Quick access. If you know how to secure a Domain in the correct way, there is no need to isolate different groups of people, based on risk at least.

In a Federal Government Building, maybe, but kids? There'd be nothing wrong with having an all virtual set of DCs, lock them onto different hosts and you greatly reduce the risk of complete domain downtime through host failure. A complete virtual environment failure is almost unheard of so I wouldn't worry too much.

If you run 2 DCs, you've got redundancy and load sharing there, so you don't need such powerful hardware for one physical server. There doesn't seem to be a clear idea on a general rule of how many DCs there should be per user.

Some will say per DC, some will say 10, per DC based on processors, memory etc. I'm still looking but I know for a fact for that many users you def need at least 2 and make sure you are getting system state backups. These days "they" say make them all Global Catalogs with the exception of the Infrastructure Master role holder if there are multiple domains or forests. You may also want to consider your potential VM to run Windows It was built to be much more resilient on virtual in the case of a system crash.

Like others said if you have other sites you probably want one or two DCs there at least one GC and make sure the site subnets match the environments. If anyone has any documentation that gives guidance on users per DC please post here! Suppose I have 40 site offices all over India then how many domain controller i need to configure. For years, I have been running dual Domain controllers for my home lab and I always believed I was doing the right thing.

I've always had countless replication issues between my two DCs and the worse case scenario happened since 4 weeks ago.. I spent these whole 4 weeks trying to resolved the replication issues but have had no joy. These days, you can throw so so many resources at the server, that you don't really need multiple DCs just for HA.

Henceforth, I'm gonna stick with my one DC Single domain in single forest, GC must be on all DCs, and there is no benefit in spreading the roles in a small environment.

If fact , logically, you decrease your MTBF. FSMO roles should be transferred before rebooting a server that has FSMO roles, then transferred back But in a small environment , you can get away with a quick reboot ;. To continue this discussion, please ask a new question. Get answers from your peers along with millions of IT pros who visit Spiceworks. Spiceworks Help Desk. The help desk software for IT. Track users' IT needs, easily, and with only the features you need.

Learn More ». Thai Pepper. BenSpain This person is a verified professional. Verify your account to enable IT peers to see that you are a professional.

A DC is responsible for responding to requests for security authentication. Located in a Windows NT or Microsoft Windows network, the DC server is responsible for letting hosts access various domain resources in the Windows system. When it comes to the Active Directory service offered by Windows, the Domain Controller is at the centre. Not only does it authenticate different users, but it also stores account info for these users and is responsible for enforcing the securities policies that have been established for a Windows domain.

In an environment with just a single Domain Controller, failures can lead to some major issues. The problems can be summed up in a few words: expense, inefficiency, and inconvenience. For businesses that have only one Domain Controller, failure will lead to big-time consequences, such as:. These are things that not only inconvenience and delay team members and processes, but also delay the actual work of getting the servers up-and-running again.

In many cases, it takes days for the system environment to get back into the full swing of things, and that downtime can cost a business a significant amount of time and money. Unfortunately, the majority of businesses that find themselves in this position discover—too late—that there is no usable backup at the infrastructure level that they can use to restore their Domain Controller.

With their one and only DC gone and the Active Directory all but broken, they basically will be forced to spend days or even weeks reconstructing the server from scratch. The key to avoiding this downtime is addressing two weak points. First, the business needs to realise how important it is to invest in a second Domain Controller that is able to take over for the failed DC in the event that one stops working.