Hello everyone,
I've been researching for a few days and I'm seeking some guidance on upgrading our hardware. Our company is still using on-prem solutions for most services and we're relying on physical domain controllers and a file server. Currently, one of our domain controllers is about 8 years old, and we are planning to upgrade it. Right now, it serves as both a domain controller and file server, but I've learned it's best practice to separate these roles. Given that we're a small company with around 150-200 devices, I'm considering using Hyper-V to set up a virtual machine for each role.
We have a Supermicro X14SBI-TF motherboard equipped with 2x 1TB NVMe SSDs for the operating system and 2x 4TB NVMe SSDs for storage, powered by a Xeon 6507P and 64GB of RAM. I realize this setup might be overkill, so I'm looking for any advice on whether we should consider different hardware options, how powerful the new server should be, or if we should invest in separate physical servers for each role. Any thoughts or recommendations? Thanks in advance!
6 Answers
In my experience with a company of about 40 employees, we run two Hyper-V hosts along with a physical domain controller and a backup machine. Although we have a VM for our file server, I've found that it can introduce too many layers, which can slow down performance. Instead, I recommend using a CIFS share directly on your storage; this boosts performance since access is authenticated directly against the domain controllers without an additional Windows VM in the mix. Also, don’t forget that it’s essential to have at least two domain controllers for redundancy! Final tip: aim for a Hyper-V server with at least 256GB of RAM for optimal performance and make sure your storage is solid, whether it’s local SSDs or separate storage solutions.
I'm not a fan of relying on a single piece of hardware for Active Directory, but I understand budget constraints. Previously, at a small clinic, we used a Synology NAS that could double as a DC. While it has limitations compared to a full backup DC, it's a cost-effective option. The NAS also functions well for backup. Just a heads up – make sure any solution you go with can handle your expected needs in terms of storage and performance.
Why not explore some cloud options? Running on spot instances across two VMs could reduce costs drastically!
You might want to consider deploying VMs to separate tasks. For your setup, I’d recommend something like the Lenovo ThinkSystem ST250. It can handle 2x16GB DDR5 and RAID configurations for storage. Pair it with a 4-bay NAS for backups; it's a smart strategy. Just note, the major downside is not having a secondary domain controller, so think about spinning one up in a lightweight VM, or even a cost-effective cloud option. This whole setup can be achieved within a budget of around 5k Euros, with ongoing storage costs after that.
Thanks for all your suggestions! I've decided to repurpose the old server as a backup DC after the new one is in place. Our current backups are solid, and we use Synology NAS for specific services. The file server will mainly store documents and user shares, and since we don’t expect significant growth in storage needs, I feel confident. I’ve placed my order for the new server, and it came to around 4500 Euros before taxes.
Splitting the domain controller and file server roles is essential for isolation. A DC performs best when it's solely focused on authentication, DNS, and replication. In environments with around 150-200 endpoints, running two lightweight VMs on a solid host can be effective. I’d suggest downgrading to a more modest Xeon, keeping the 64GB of RAM, and using the savings for either a second host for failover or better offsite backups. The idea is to minimize single points of failure and ensure all systems have redundancy.

Have you considered using cloud services like SharePoint with OneDrive for file sharing? That could be a good way to streamline your operations!