Best Practices (Network / AD) - website, SP, Exchange setup questions

  • Question

  • Disclaimer: I am new to both DNP and WSP.  I have deployed WSP purely for testing and do not have any live users on them.

    My questions have more to do with recommendations for network setup and AD.

    1. While currently, the IIS/Website server is not running AD (local accounts), I'm curious if it should? Since we would be bringing Exchange and Sharepoint online shortly after the Windows hosting (IIS/Website), I'm curious if it would be better to use AD and tie all the machines together on the same domain.  (Probably easier from a management perspective?)

    2. NAT vs no NAT.  With the cpanel servers that we currently run, it has become normal practice for us to utilize transparent firewalls rather than NAT.  However, I see that WSP/DNP supports internal and external IPs allowing for the systems to be deployed in a NAT environment.  Is this the better way to go?  (It would certainly make things easier to move IPs later if it was needed.)  Looking for some advice here as we'd prefer to set things up this way behind an ASA if there aren't any big hurdles to overcome.

    3. Servers - In our development environment, we currently have 4 physical servers.  The thought was that one was used for the website/IIS/WSP Control, 2 for the Exchange setup (1 CAS/HUB, 1 MBX), and the 4th for the SP server to get us off the ground.  Does anyone have any thoughts on this so that we don't get ourselves "stuck" and unable to expand easily? If more servers are preferable in an initial deployment for this setup, we'd rather make the change now to avoid expansion issues later.

    4. DNS - We currently utilize BIND (both on cpanel dns-only, and for RDNS/colocation customers).  I did find an article (http://www.websitepanel.net/kb/ics-bind-dns-server-installation-and-configuration) that I used with the website/IIS setup with local accounts.  Is there any reason that this wouldn't work with an AD setup?  My reasoning is that it would be fairly trivial for us to sync BIND on the servers with the dns-only cpanel bind allowing both systems to maintain dns through the same DNS servers.  I'm not sure if I can do this while using AD.  I'd rather use whatever method is considered best practices as bringing up additional DNS servers is not a big deal if it is better for us to do that here.


    My apologies for the length of this post and any questions that I've asked above that would be considered "silly" to ask.

    We are just hoping to get off to the best start possible on WSP to minimize unforeseen issues in the future.

    Have a great week everyone!


    Tuesday, January 25, 2011 5:30 PM

All replies

  • Just wanted to give this a bump and see if anyone had some thoughts on this one?
    Wednesday, January 26, 2011 6:59 PM
  • SQL Server Express 2008 R2 doesn't allow it to be installed through the WPI on a DC since you can't change the username of the Network Service account through WPI.

    After thinking about this, it's probably not the best idea to install the WSP on the DC itself, so we are instead installing two separate DCs to control the systems.

    I'm guessing folks here aren't installing WSP on the domain controller?

    I'm also hoping to find out if it is still best to put the IIS / ASP hosting servers on the domain rather than standalone servers?  Thoughts?

    Wednesday, January 26, 2011 9:21 PM
  • Hi Koby,

    Were you able to find the solution to this?

    Monday, January 2, 2012 6:37 AM