Information Technology Reference
In-Depth Information
when you plan to run resource-intense applications on it that shouldn't share server resources
with other services.
A stand-alone server, as the name implies, doesn't fall under the domain's management
umbrella; instead, it's configured as part of a workgroup. Configuring a stand-alone server makes
sense when, for example, the server will be acting as a public Web server, providing services (such
as DNS or DHCP) for a group of non-Windows clients, or serving as a departmental server when
you want local management.
Some reasons you need to add servers to a network include the following:
• Company growth
• Excessive load on existing servers
• Need to isolate an application
• Need for fault tolerance
• Addition of branch offices
A company that's growing, particularly in the number of users, should plan ahead for the
inevitable network slowdowns caused by increased activity. A server that has been humming
along smoothly with 25 users might not perform as well when that number doubles. Ideally, if
growth is foreseen, new resources are put in place before the server becomes taxed. Even with-
out additional users on a network, existing users' use tends to increase over time as users and
administrators find more functions for the server to handle. This gradual increase in network
and server use can sneak up on you. A server that was running fine six months ago can gradu-
ally bog down, sapping user productivity as it takes longer to log on to the network or access
shared files. Monitoring your server's performance regularly before this problem becomes a crisis
is a good idea. Server monitoring is discussed more in Chapter 13.
Sometimes a network application works best when no other major services are competing
for a server's CPU and memory resources. Even if your existing server isn't overused, introduc-
ing such an application into your network might prompt you to install it on its own server.
Isolating applications in this way has the added benefit of not disturbing other network services
when you perform maintenance on the server. The converse is also true: When you perform
maintenance on other servers, you don't disturb the isolated application.
Access to network resources is so critical in today's business environment that loss of access
to server services can reduce productivity and increase costs. Even in a smoothly running net-
work where no server is loaded excessively, adding a server for fault tolerance might still be wise.
Load balancing or fault tolerance are built into several Windows server roles, such as AD DS,
DNS, and file sharing with Distributed File System (DFS). If you need a complete hot replace-
ment for an existing server, Enterprise Edition provides
failover clustering
, in which a group of
servers is connected by both cabling and software, so if one server fails, another takes over to
provide those services.
When a business opens a branch office connected to the main office through a wide area net-
work (WAN), installing a server at the branch office might be prudent. This setup can reduce
WAN traffic created by authentication and authorization, DNS lookups, DHCP address assign-
ment, access to shared files, and more. IT administrators are often concerned about security
when installing a branch office server because a separate secure room is rarely available. The
server might be placed in somebody's office or a common area, which leaves it vulnerable to theft
or even attacks by employees. Having physical access to a server makes compromising the
server's security much easier. To address this problem, administrators can use RODCs. As men-
tioned, RODCs have many of the benefits of a standard DC, but administrators can filter what
information is replicated to the RODC, including passwords. Therefore, an administrator can
configure the RODC to keep only local users' passwords, which limits what damage could be
done if someone were able to compromise the server. In addition, you can create a local admin-
istrator for an RODC so that maintenance activities can be carried out without giving the local
administrator domainwide administrative capabilities. Another option for a branch office server
is using the Server Core installation mode to diminish the overall security risk.
Search WWH ::
Custom Search