WSUS on a DC

Mikey · 2 May 2007 at 23:20

Moved to a new company and in the past companies there have been funds for dedicated WSUS servers. I never feel comfortable putting things like this on DCs. Any issues with doing it though?

I know one client wants DC/Exchange/WSUS/File and print and Sophos CID all on one box. Too me that's asking for trouble

Deleted member 58846 · 3 May 2007 at 00:41

To me they should be all on seperate servers. That is definatly asking for trouble if its for more than 50 users.

From my knowledge there is no issues with putting it on a DC but it might be wise to put it on a child domain. example wsus.domain.com.

Still its usually best to have different running services on different servers depending on how many clients and at what bandwidth.

Snow-Munki · 3 May 2007 at 11:13

depends on how big the company is tbh. But i'd prefer to keep things of the DC, which i'm currently slowly doing.

Have built a vmware server which is where my WSUS server currently sits.

Mikey · 3 May 2007 at 12:44

30 users or so for one site, however not going doing it for them at the moment as their DC is running enough, so need to get them to put another box in.

The other site is 12 users, however I've just learn't that they are looking at exchange later in the year so we'll see. I think they may have a spare box and they've got licenses from the Action Pack.

The very large environments I've come from yes we've always gone for multiple servers etc.

DC is a DC
Exchange is Exchange
WSUS
File
Print
SQL

and so one. Each server has one role and one role only.

Nicest exchange was two servers running as BH in a NLB config talking to a Exchange cluster on the backend and some of the callcentres if they were substantial in size having their own local exchange for local mail stores etc.

mdjmcnally · 3 May 2007 at 13:14

If looking at 12 users then what about Small Business Server rather then running all applications seperately.

http://www.microsoft.com/windowsserver2003/sbs/evaluation/features/default.mspx

SBS 2003 R2 even includes Patch Management and seems to me anyway to be a perfect fit for Exchange, File Print and Sophos Server.

Hodders · 3 May 2007 at 19:05

SBS seems like a great solution for small companies - UNLESS they want to use terminal services. SBS2k3 will not let you run a RDP session except as Admin, M$ claim it is a security thing. I reckon it made SBS a no brainer for small companies. This way you have to buy a separate server with another OS and TS licences...

Mikey · 3 May 2007 at 23:36

I would've gone for SBS but the client insisted on "proper" version :rolleyes:

Uhtred · 4 May 2007 at 01:13

installing wsus on the same machine as webhosting can get a little messy but a dc should be fine...done it myself on a vm

optimus · 7 May 2007 at 21:26

For what WSUS is doing, and for that many user, can't you just get a desktop PC to do it? nothing flash.

J1nxy · 7 May 2007 at 22:35

Using a PC hardware is all well and good from a performance point of view but then you have another 2003 Server license to add which costs £400+.

I can also understand Terminal Services being limited to Admin only on SBS. Do you really want multiple users running apps on the same box which is running everything else???

Hodders · 18 May 2007 at 13:40

I can understand that it's maybe a bad idea to run TS sessions on the server that is doing everything...

But warn when the 'tick box' is ticked don't simply not allow it. I'm convinced that they do it to make you buy more servers/OSes.

WSUS on a DC

Deleted member 58846

Deleted member 58846