With Access Essentials 2.0, we support installation on a Domain Controller. This is something that used to be possible with Presentation Server some time ago. We've made it possible again for Access Essentials 2.0, with some caveats, and some health warnings...
If you only got one server, and handful of purchasing an additional server and Windows license just to run Access Essentials add to the cost of deployment, so installing Access Essentials on your Domain Controller might be appropriate for you.
However, the integrity of your Domain Controller is vital for the overall security and operation of your Domain. Ideally, you want to run as little as possible on your Domain Controller, and restrict access to trusted Administrators. By it's very nature, allowing users to run applications on your Domain Controller increases your exposure to both accidental damage, and to any security vulnerabilities in the Operating System or applications themselves.
We came to the conclusion that making this cost/security trade-off is something we can do for you, so we made it possible to install Access Essentials on a Domain Controller. When you run the installer on a Domain Controller, you be prompted with this message:
As the message says, Domain Controllers can't be made part of a multi-server deployment (more on that in a later post) - so you will have to do more work later if you decide to expand your capacity.
Not available on Small Business Server
A variation on installing on a Domain Controller that comes up fairly often, is installing Access Essentials on Small Business Server. It seems a natural fit. However, Small Business Server doesn include the necessary Terminal Services component, so I afraid that not going to work.
The alternative
Maybe you already got Small Business Server, or the security trade-offs aren appropriate. Obviously you can purchase an additional server to host Access Essentials. The cheaper alternative (and hopefully better for the environment) is to running Access Essentials within a Virtual Machine (VM), by running Server (or VMWare) your Domain Controller. There will be a performance hit of some kind if you do this, so if you have the opportunity, tweak up the spec of the server.
I running Access Essentials inside the VM rather than the Domain Controller - your Domain Controller should be up and running when you boot the Access Essentials server. For Server, a bit of googling finds these KB articles 840319 and 890893 you should take a look at. I couldn't find any useful info on running VMWare Server on a Domain Controller.
There additional benefits to using Virtual Server - budget and/or usage dictates, you can migrate the Access Essentials VM to a dedicated server and can also combine your Virtual Machine into a multi-server deployment.
In summary
Although not recommended, Access Essentials 2.0 can be installed a Domain Controller (but not SBS 2003). Also consider the option of installing Access Essentials in a Virtual Machine.
Next time, I probably start discussion on the multi-server aspects of Access Essentials 2.0 - but if there something you like me to discuss, feel free to post a comment.
My plan was to have 2 or 3 servers in our company spread over different countries and have the master in our head office. Since we don't use AD, we use the real one: NDS/eDirectory, I thought, 'hey, just put AD on our CAE master and use the others as slaves'. Virtualisation is not an option because of license costs, just for AD it will be hard to explain that to my boss. What IS the performance hit I could expect when using CAE in vmware or virtual PC. Does it matter if my PDC is a Windows 2000 server? regards Matthias
Posted by 
PingBack from http://www.laurentfalguiere.fr/blog/?p=46