Should Production Windows Web Servers (IIS & SQL) be in a domain?

Posted by tlianza on Server Fault See other posts from Server Fault or by tlianza
Published on 2011-01-12T18:50:57Z Indexed on 2011/01/12 18:55 UTC
Read the original article Hit count: 95

Filed under:

Windows

|

server-configuration

We have a few web servers and a few database servers. To date, they've been standalone machines that are not part of a domain. The web servers don't talk to each other, and the web servers talk to the database servers via SQL Auth.

My concern with putting the machines in a domain together were

added complexity - it's one more "thing" running, and doing "things" that could go wrong.
risk - if a domain controller fails, am I now putting other machines at risk?

However, in certain scenarios it does seem convenient for them to be on a domain, sharing credentials. For example, if I want to give the "services" control on one machine access to another machine (because Remote Desktop craps out) I need to go in and assign privileges on multiple machines - something that I believe Active Directory and Domain Accounts set to simplify.

My question: I'm sure there are things I'm not considering here. Is there a best practice?

© Server Fault or respective owner

Related posts about Windows

Server 2012 DFS New Member Issue

as seen on Server Fault - Search for 'Server Fault'
I am trying to add a new member to our DFS topology. We have 3 DCs (VMs - VMware) running Windows server 2012, two servers are located in or Primary site and the third at our DR site. Currently the two servers at our primary site are currently replicating DFS (full mesh) and are working fine. I have… >>> More
error in IIS7 but not on IIS6

as seen on Server Fault - Search for 'Server Fault'
I have a website that is we are now deploying to windows 2008 servers that has worked in the past on IIS6 without a problem. It is using .net 2 framework. Most of the website works. Just when we create a screen report over a certain size on the server we get this error. Event code: 3005 Event… >>> More
error in IIS7 but not on IIS6

as seen on Server Fault - Search for 'Server Fault'
I have a website that is we are now deploying to windows 2008 servers that has worked in the past on IIS6 without a problem. It is using .net 2 framework. Most of the website works. Just when we create a screen report over a certain size on the server we get this error. Event code: 3005 Event… >>> More
Microsoft Management Console stops working when I add snap-in to it

as seen on Super User - Search for 'Super User'
I have Windows 7 Ultimate OS. I'm opening mmc.exe as administrator and trying add Certificates or any other snap-in, then while loading that snap-in MMC breaks and displays following message and after that it closes automatically once I click on close button on that message. What could be the problem… >>> More
Handling keyboard and mouse input (Win API)

as seen on Game Development - Search for 'Game Development'
There is a number of ways to catch mouse or keyboard under Windows. So I tried some of them, but every of them has some advantages and drawbacks. I want to ask you: Which method do use? I've tried these: WM_KEYDOWN/WM_KEYUP - Main disadvantage is that, I can't distinguish between left and right-handed… >>> More

Related posts about server-configuration

Server configuration advice for new site that could get lots of traffic within 6m

as seen on Server Fault - Search for 'Server Fault'
We're setting up a new web2.0 type site with elements of e-commerce. Budget is kind of tight. Due to the nature of the site and promotions, etc., we expect traffic could ramp up fairly quickly. Looking for advice for a good configuration to start with, we' looking to co-lo with CalPop in downtown… >>> More
[Mail server configuration] The following mail servers did not display a banner

as seen on Server Fault - Search for 'Server Fault'
Hello, i get the following error message when i test my mail sever: The following mail servers did not display a banner: The recommended action is: Configure your mail server to display a banner upon connection. I have googled for a solution but i can't find any. Does this message make sense to… >>> More
How to HIDE "client denied by server configuration:" error in log

as seen on Server Fault - Search for 'Server Fault'
I want to block access to my web server by default as a precaution but I keep getting the following errors showing up in my error log. [Wed Jun 27 23:30:54 2012] [error] [client 86.77.20.107] client denied by server configuration: /home/www/default/Edu.jar [Wed Jun 27 23:32:40 2012] [error]… >>> More
CVS server configuration

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a CVS repository on Freebsd and a ssh access. When I use putty client connection is ok. CVSROOT=:/labs/cvs CVS_RSH=ssh But when I try to do checkout with TortoiseCVS CVSROOT :ext:root@server:/labs/cvs error occurs: cvs commit: warning: unrecognized response Access denied' from cvs server … >>> More
php webclient open source without popup serverconfiguration

as seen on Stack Overflow - Search for 'Stack Overflow'
Is there any open source web client php application without popup server configuration , Am looking open source web client application , I dont want imap, pop3 or any protocol suppert application , Simply i want intra net message service applications , Thanks Bharanikumar >>> More