<div class="gmail_extra">1) If they have a second server, even if it's licensed for Windows 2003, go ahead and use it as a backup. Redundancy is key with AD. Ensure the 2003 has updated GPOs. You can find them here: <a href="http://support.microsoft.com/kb/943729">http://support.microsoft.com/kb/943729</a></div>
<div class="gmail_extra"><br></div><div class="gmail_extra">2) If the second server doesn't work out, have separate partitions (primaries if you can do it) for the Windows OS, NTDS Database (this is the AD database - CRITICAL), NTDS Log (Holds the transaction database. AD is SQL based), and SYSVOL (holds the roaming profiles, scripts, launcher files, etc). Back up these partitions every one to two days depending upon how often you update AD. Backing up AD is not difficult, but it's convoluted and complicated. Here's more information:
<a href="http://technet.microsoft.com/en-us/library/cc771290(v=ws.10).aspx">http://technet.microsoft.com/en-us/library/cc771290(v=ws.10).aspx</a> </div><div class="gmail_extra"><br></div><div class="gmail_extra">3) DNS is what AD uses to find users and hosts. Set up the first DC with DNS. In accordance with standards, you'll need the secondary DNS available. Even if you don't use the 2003 server as a DC, you can use its DNS service. Otherwise, check the Linux server to see if it can handle MS SRV records. If it can, you are gold. Zone Transfer from the PDNS to the SDNS as often as possible.</div>
<div class="gmail_extra"><br></div><div class="gmail_extra">Once you have this set up, AD is a walk in the park.<br><br><div class="gmail_quote">On Wed, Apr 25, 2012 at 9:09 PM, matti <span dir="ltr">&lt;<a href="mailto:mathew_2000@yahoo.com" target="_blank">mathew_2000@yahoo.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="font-size:10pt;font-family:times new roman,new york,times,serif"><div><br><span></span></div><div><span>Thanks Joel!</span></div>
<div><span><br></span></div><div>Here is the setup:</div><div><br></div><div>Have a MS Windows Server 2008 R2 from another company which got bought...</div><div>originally set up to do email, AD, PDC, DNS etc..</div><div>( it is no longer doing email )</div>
<div><br></div><div>since the domain is different, CTO/CIO was looking at replacing it</div><div>with a linux AD ...</div><div><br></div><div>so my options</div><div><br></div><div>1) Make MS Windows Server 2008 R2 into AD, PDC, ...</div>
<div>( and I guess LDAP for the linux clients )</div><div><br></div><div>I do not think they have a second MS Server License...</div><div>( if they do it would be a win2003 server ) so I am not certain</div><div>about being able to set up a secondary domain
controller<br></div><div><br></div><div>Set up linux servers to pull login info for users from MS Win2008 server..</div><div><br></div><div>2) Set up a linux server as AD/LDAP server...</div><div><br></div><div><br></div>
<div>What do you guys think?</div><div><br></div><div>thanks <br></div><span class="HOEnZb"><font color="#888888"><div>matti</div></font></span><div><br></div><div class="hm HOEnZb"><div><br></div><div><br></div><div><br>
</div><div><br></div><div><br></div> </div><div style="font-family:times new roman,new york,times,serif;font-size:10pt"><div class="hm HOEnZb"> </div><div style="font-family:times new roman,new york,times,serif;font-size:12pt">
<div class="hm HOEnZb"> <div dir="ltr"> <font face="Arial"> <hr size="1"> <b><span style="font-weight:bold">From:</span></b> Junaid A &lt;<a href="mailto:junaidjan@yahoo.com" target="_blank">junaidjan@yahoo.com</a>&gt;<br>
<b><span style="font-weight:bold">To:</span></b> 'SGVLUG Discussion List.' &lt;<a href="mailto:sgvlug@sgvlug.net" target="_blank">sgvlug@sgvlug.net</a>&gt;; <a href="mailto:sgvlug@sgvlug.org" target="_blank">sgvlug@sgvlug.org</a> <br>
<b><span style="font-weight:bold">Sent:</span></b> Wednesday, April 25, 2012 5:10 PM<br> <b><span style="font-weight:bold">Subject:</span></b> Re: [SGVLUG] Active Directory and linux<br> </font> </div></div><div class="im">
<br>
<div><div><div><div><span style="font-size:11.0pt;font-family:'sans-serif';color:#1f497d">Matti,</span></div><div><span style="font-size:11.0pt;font-family:'sans-serif';color:#1f497d"> </span></div><div>
<span style="font-size:11.0pt;font-family:'sans-serif';color:#1f497d">Will you be running LDAP on Linux as well? </span></div><div><span style="font-size:11.0pt;font-family:'sans-serif';color:#1f497d"> </span></div>
<div><span style="font-size:11.0pt;font-family:'sans-serif';color:#1f497d">Junaid</span></div><br> </div></div></div></div></div> </div> </div></div></blockquote></div><br></div>
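<div>Added example, not part of the thread or written by any poster: point 3 of the reply above suggests checking whether a non-Windows DNS server can carry the SRV records AD depends on and keeping the secondary in sync by zone transfer. The sketch below audits a zone dump for a representative subset of the AD locator SRV records; the domain corp.example.com, the host dc1 and the sample zone text are constructed assumptions.</div>

```python
import re

# Representative subset of the SRV records AD clients use to locate DCs:
# owner names relative to the AD DNS domain, mapped to the expected port.
REQUIRED_SRV = {
    "_ldap._tcp": 389, "_ldap._tcp.dc._msdcs": 389, "_ldap._tcp.pdc._msdcs": 389,
    "_kerberos._tcp": 88, "_kerberos._tcp.dc._msdcs": 88,
    "_kpasswd._tcp": 464, "_gc._tcp": 3268,
}
SRV_LINE = re.compile(
    r"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?SRV\s+\d+\s+\d+\s+(\d+)\s+(\S+)$", re.IGNORECASE)

def parse_srv(zone_text, origin):
    """Return {relative owner: [(port, target), ...]} for SRV lines in a zone dump."""
    origin = origin.lower().rstrip(".")
    records = {}
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop zone-file comments
        m = SRV_LINE.match(line)
        if not m:
            continue
        owner = m.group(1).lower()
        if owner.endswith("."):                  # absolute name: make it relative
            owner = owner.rstrip(".")
            if owner.endswith("." + origin):
                owner = owner[: -len(origin) - 1]
        records.setdefault(owner, []).append((int(m.group(2)), m.group(3).lower()))
    return records

def check_ad_zone(zone_text, origin):
    """List required SRV owners that are missing or published only on a wrong port."""
    found = parse_srv(zone_text, origin)
    missing = sorted(n for n in REQUIRED_SRV if n not in found)
    wrong_port = sorted(
        n for n, port in REQUIRED_SRV.items()
        if n in found and all(p != port for p, _ in found[n])
    )
    return {"missing": missing, "wrong_port": wrong_port}

# Constructed sample: a secondary's copy of the zone after an incomplete sync.
SECONDARY_ZONE = """\
_ldap._tcp                  600 IN SRV 0 100 389  dc1.corp.example.com.
_ldap._tcp.dc._msdcs        600 IN SRV 0 100 389  dc1.corp.example.com.
_kerberos._tcp.corp.example.com. 600 IN SRV 0 100 88 dc1.corp.example.com.
_kerberos._tcp.dc._msdcs    600 IN SRV 0 100 88   dc1.corp.example.com.
_kpasswd._tcp               IN SRV 0 100 646  dc1.corp.example.com. ; constructed typo
dc1                         600 IN A   192.0.2.10
"""
```

<div>Calling check_ad_zone(SECONDARY_ZONE, "corp.example.com") reports the PDC and global catalog locators as missing and the kpasswd record as published on the wrong port, which is the kind of drift to look for on a secondary before relying on it.</div>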