Installing Windows Server 2012 Standard (4 Questions)

Discussion in 'Windows Server' started by Jay001, Feb 18, 2015.

  1. Jay001

    Jay001 MDL Novice

    Oct 2, 2014
    9
    0
    0
    1) When I come to install Windows Server 2012 Standard how many users can connect to it at any one time?

    2) Say I have the website domain name mydomain . co . uk, (spaces added due to little post count) when I come to install Windows Server 2012 Standard it asks me to enter the root domain name. Am I OK to enter internal.mydomain.co.uk? I don't have this server running as an email server, and it will never run as one either (it's just going to be a file server with Active Directory running), so will this cause problems or is it just for internal use and it won't affect the domain name I have already of www . mydomain. co. uk. Just a bit confused on the root domain bit, as I don’t want the outside world to "connect" to it.

    3) I've been experimenting with groups and users to set up folders and read/rights to. However, is it possible to "hide" a folder from a group/user? After some tests I've managed to add a group called "IT" added some users and created a folder called "Plans" then added another group called "Reception" added some users and I don’t want the "Reception" group to see this folder "Plans". At the moment they can see the folder but when they double click on it, it shows you don't have access rights to this folder. Is it possible to not show it at all? If not I'll leave it with the error message showing.

    4) I will have 2 HDD's (1 for the Operating System and 1 for the data storage) I have already got a backup system in place but if the Operating System HDD goes down, what files/folders should I backup relating to the Operating System and where are the settings held of all the users/groups/GPO's/Active Directory settings etc so that if I had to rebuild the server I can just install the Operating System and import all of these settings in. Is this possible?

    Many thanks for the help!!
     
  2. Threat

    Threat Lord of the Files

    Feb 23, 2014
    1,064
    836
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Threat

    Threat Lord of the Files

    Feb 23, 2014
    1,064
    836
    60
    @kubato's comments

    1. He did not specify how the clients connect, assuming most will be clients connecting over LAN as in login and not remote desktop. It's unclear what he means by "connect" really. I'm assuming any method that required Authentication. Also it's not clear if he is referring to legally allowed vs physically. His questions imply initial planning stage hence my comment on CAL's.

    2. Either will work. This is something that seems 50/50 split on which is best. The end result is it does not matter either way in his case from what he's posted.

    3. He's running 2012 which includes Access Directory enumeration which is exactly what he needs. Users don't see folders they have no permissions to access. No need to mess with folder attributes.

    4. Totally agree with your comment on second domain controller. Really best practise is not to add additional rolls to Domain Controllers and have multiple. That way it's less of a head ache to just replace. Since Windows 2012+, virtual domain controllers are fully supported (unlike 2008/2008 R2+). It even supports a method of cloning virtual domain controllers. The main issue he will encounter is licensing. It's unclear what his infrastructure is like - it's post seems to imply 1 physical box running everything. Do you see a recipe for disaster here also? :eek:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Jay001

    Jay001 MDL Novice

    Oct 2, 2014
    9
    0
    0
    Hi all,

    Many thanks for all the replies. In answer to the questions here is some more info. (Apologies I should have stated this in the first post)

    1) The clients will connect over the LAN as a login and NOT remote desktop. Since there are only about 5-10 users that will connect to the server at any one time. All that I want is to be able to map 2 drive letters (1 for a home directory and 1 for file storage) So I hope this will be legally and physically allowed?

    2) Many thanks. I will go with mydomain . co . uk . local ( Just a question from the first post - will it be correct to enter it as: mydomain. co. uk . local OR mydomain . local ?? Do I include the .co.uk bit? I just need to make clear the root domain bit really.

    3) I came across Access Directory enumeration and the web link has helped.

    4) "Windows backup has a great system that lets your backup the OS to the cloud." That is a useful feature to have I agree but you need the speed in order to do this, which we don't have (maybe in the years to come but not at the moment)

    "Other options would be to setup a raid 1 mirror." - I have been looking into raiding and mirroring and that is a possible solution.

    Yes it will be 1 physical box running everything, but with only 5-10 users (not all connected at the same time and at different times of the day) I can see a recipe for disaster but this isn’t been set up for heavy user/file use. There is going to be 2 programs running (from user PC's) that will pull data off the server at any one time. Everything else is program based via physical PC's and nothing is virtual. (Simply don't have the resources to have that running) Just a simple file server really. Won’t be using cloud backup due to the internet connectivity and the infrastructure where this is so, that’s out of the equation and we don't use remote desktop either. Due to the small company if the server does go down, then yes there is a recipe for disaster but again this is a small company so this will be looked into if problems arise.

    Many thanks for the replies, most helpful.
     
  5. trasher255

    trasher255 MDL Member

    Jul 26, 2009
    116
    16
    10
    I think it can be done on one box. I have all on one box. I use the Windows Server Backup Function to put everything on a seperate harddisk each night. I have used two or three times this backup to recover the system disk of the server. I did it the simple way: Just writing back the image, including Exchange. Of course this is not recommended: you loose files, email and other changes made after the backup. That's the price you pay for not wanting to use two boxes. The recovery process takes about one hour and after that you are ready to go again. If you do not want ever to loose mail, you'll definitely need two or more boxes.
     
  6. Jay001

    Jay001 MDL Novice

    Oct 2, 2014
    9
    0
    0
    "I use the Windows Server Backup Function to put everything on a separate hard disk each night." There is something similar that is in place at the moment but will look into this feature.

    "If you do not want ever to loose mail, you'll definitely need two or more boxes." As stated in the original post, this server will not have email exchange running anyway as the email is separate to the file server altogether.

    Many thanks for the help.
     
  7. Jay001

    Jay001 MDL Novice

    Oct 2, 2014
    9
    0
    0
    Many thanks. :)
     
  8. Techiekid

    Techiekid MDL Member

    Nov 3, 2009
    106
    14
    10
    Yes, I have one system like that too, with all on one box. I even have an acronis image system run on friday nights as well to an external source. My other server is virtual, so cloning that system periodically is fairly easy to do. Just can't stress frequent backup enough, it's a life saver.
     
  9. ZaForD

    ZaForD MDL Expert

    Jan 26, 2008
    1,180
    178
    60
    Maybe I've misunderstood some here (nothing unusual foe me :biggrin:) but do you really need another 'Server' for your Backup DC?

    I'm sure a friend of mine was using a broken laptop (screen gone) as a Backup DC on his home network not a production one.
    But would that really matter? It could save a lot trouble in an emergency.
     
  10. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,966
    1,821
    180
    People, do not make a meal out of it. Was already answered by Threat in post #2
     
  11. Jay001

    Jay001 MDL Novice

    Oct 2, 2014
    9
    0
    0
    Hi all, many thanks for all the replies, have been very helpful. I am about 75% getting there. Just a couple of questions to check really:

    1) The clients will connect over the LAN as a login and NOT remote desktop. Since there are only about 5-10 users that will connect to the server at any one time. All that I want is to be able to map 2 drive letters (1 for a home directory and 1 for file storage) So I hope this will be legally and physically allowed?

    2) Many thanks. I will go with mydomain . co . uk . local ( Just a question from the first post - will it be correct to enter it as: mydomain. co. uk . local OR mydomain . local ?? Do I include the .co.uk bit? I just need to make clear the root domain bit really


    Many thanks
     
  12. Threat

    Threat Lord of the Files

    Feb 23, 2014
    1,064
    836
    60
    Just mydomain.local

    As for your question about hour 10 users been allowed, physically yes ... Legally it depends on what licences you have purchased. Only you know this not us.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. spice_weasel

    spice_weasel MDL Novice

    Mar 22, 2010
    13
    8
    0
    It is not recommended to use .local You should use internal.mydomain.co.uk Especially if you ever want a SSL certificate.
    w?w.mdmarra.com/2012/11/why-you-shouldnt-use-local-in-your.html
     
  14. Threat

    Threat Lord of the Files

    Feb 23, 2014
    1,064
    836
    60
    That's just one persons opinion. You could find as many reasons to disagree.
    There can be specific reasons to go either way, although the reality is for most situations there is no difference.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. deathero

    deathero MDL Junior Member

    Oct 26, 2012
    53
    32
    0
    going off from what Threat said, i have worked on many windows domains and different networks where i live and most people just leave it simple with pc-lab.local or name of school.local just to make it easier to manage and remember many domains if you have a huge Wide Area Network and such. in the end you can name it to whatever you want since its your server / network
     
  16. spice_weasel

    spice_weasel MDL Novice

    Mar 22, 2010
    13
    8
    0

    And then there's Digicert's opinion. If you don't plan on buying any SSL certs, then it wouldn't matter

    ??w.digicert.com/internal-names.htm