role placement with Citrix and Active directory.....and moving AD domains/forests

role placement with Citrix and Active directory.....and moving AD domains/forests

Post by briano » Fri, 29 Aug 2003 19:41:45


Hi All,

I have been given a month to build a win2k active directory based - 24
blade Citrix server farm. I am using Dell 1655 blades. I currently
have a few questions related to both Termservices/Citrix and Active
Directory, so any input into either would be very much appreciated.

The blade farm has 24 servers across four chassis and will also
include two additional Dell 1u servers. One will run the Dell Image
server. And the other will run the master node server.

I am required to build this farm in its own domain for organizational
reasons. The problem I have is that this farm has to be built
off-site without comms to the forest it will be joining, and then once
tested moved and joined into the forest.

So, out of all this, I have the following questions :

1) where to place the data collector: for 24 servers, should the
collector be a dedicated machine or not? Not sure what Citrix
recommends, I remember something like a dedicated DC for 50+ servers.
My guess is, at a push, a data collector could still service some
citrix users with appropriate load evaluators configured.

2) I need to build a DC, a backup DC, a primary DNS and a
backup/secondary DNS.
I thought about using the two additional 1u Dell servers as the
primary DC + secondary DNS on one and 'secondary' DC and primary DNS
on the other. My concern here is that I remember reading somewhere
that the DNS server should not sit on a DC for some reason or
other...security I believe but not sure.

3) In order to build this farm domain off site, what options are
available to me, i.e. can I build a child domain off site that can't
see its parent forest and then move it in at a later stage? Would I
have to build a seperate forest instead and then move this forest?
Could I bring one DC from the customers production network and put on
out network in order to provde the parent forest entity?

4)How would I integrate the DNS infrastructure at a later stage. i.e.
I guess I would have a DNS zone for a child domain which would need to
be integrated with a parents DNS. Or I may have a forest DNS which
would need to integrate with another forests DNS?

Thanks in advance.

Brianos :o)
 
 
 

role placement with Citrix and Active directory.....and moving AD domains/forests

Post by Matthew Ha » Sat, 30 Aug 2003 02:29:42

answers are inline...

<snip>
should the
Citrix
50+ servers.
service some

Citrix typically recommends you make the data collector a
dedicated machine. You could put user on it, but I would
only do that if you needed to.

as the
primary DNS
somewhere
reason or

Typically, most domain controllers have the DNS server
also installed locally. Having a local DNS server is
typically done even if you are using an ISP's DNS server.

options are
that can't
stage? Would I
this forest?
network and put on

This might get a little tricky. My thought is to use a
domain controller from the current facility and then take
it off site. Then again, I haven't tried this before, so
you might want to talk to the guys in the active directory
newsgroups to see if they have any more information or
tips.

stage. i.e.
would need to
DNS which

Similar to my answer above...I'd imagine that you'd want
to have a forest DNS, but those Active directory guys
might say different.

-M

 
 
 

role placement with Citrix and Active directory.....and moving AD domains/forests

Post by briano » Sat, 30 Aug 2003 18:40:10

Hi Matthew,

Thanks for your response...much appreciated...

In addition to the 24 server blade farm, I have two Dell (twin proc)
decent boxes..

my cunning plan is to use these two boxes as the two AD domain
controllers for the entire farm. They will also run primary and
secondary DNS. as well as IIS and nfuse load balanced between the
two.

One will also be an Altaris server holding images of the server
blades.

I reckon these boxes would easily handle all this...

Any comments gratefully rcvd...

thanks, Brian
 
 
 

role placement with Citrix and Active directory.....and moving AD domains/forests

Post by Matthew Ha » Sun, 31 Aug 2003 05:48:22

Ah. Well that sounds good. After you have this etup, you
might want to run some performance monitors to see how
well the system is holding up.

-M

(twin proc)
domain
primary and
between the
server