03-03-2019 08:16 PM
Has anyone ran into any issues when deciding to install the user-id agent on a domain controller in an organization with about 6000 users.
03-04-2019 04:38 AM
Victor, Hi.
we have approx double that ammount and felt best advised to keep the agent away from the DC.
others of course prefer to install on the DC's to reduce traffic.
even if our user count was 1k or so we would probably still keep the agents seperate as doing any work on a DC involves a mind blowing ammount of change forms and time.
by keeping the agents seperate we can modify as and when we like.
however... i can see no reason why your DC's would not cope, but if they are currently running at 75% then perhaps not...
you do of course have the option of using local agents on the Palo.
so... yes we had issues but probably not the ones you were thinking of...
03-04-2019 04:25 PM
I would put it on a stand alone server. Let your DC be a DC no need to introduce an additional point of failure on it.
03-04-2019 04:38 AM
Victor, Hi.
we have approx double that ammount and felt best advised to keep the agent away from the DC.
others of course prefer to install on the DC's to reduce traffic.
even if our user count was 1k or so we would probably still keep the agents seperate as doing any work on a DC involves a mind blowing ammount of change forms and time.
by keeping the agents seperate we can modify as and when we like.
however... i can see no reason why your DC's would not cope, but if they are currently running at 75% then perhaps not...
you do of course have the option of using local agents on the Palo.
so... yes we had issues but probably not the ones you were thinking of...
03-04-2019 09:25 AM
Hello,
There are also policy and compliance requirements to take into consideration. For us we were not allowed to do this so we have a utility server just for this purpose.
Just some thoughts.
03-04-2019 04:25 PM
I would put it on a stand alone server. Let your DC be a DC no need to introduce an additional point of failure on it.
03-05-2019 02:04 PM
Thanks for responding
03-05-2019 02:04 PM
Thanks for the comment
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
