Building a PC to be used as a Active Directory domain controller?

By htcz
in Hardware Hangout

 Share

Recommended Posts

Mentor

htcz

Posted
Posted

Hey

Just to train (and play around), I'm looking to build a PC to use as a Active Directoy domain controller (among other things) This will be its only use and frankly only 2 PCs in my home can connect to a domain. So key here is budget. The only thing I see really is 2 ethernet ports. That's it.

Thanks!

Mentor

htcz

Posted
  • Author
Posted

You shouldn't need two Ethernet ports for a DC. Also, it might be good to use VirtualBox to play around with

In a proper DC setup you do..

ETH1 ETH2

Modem -------- > DC ---------> Switch/Router

This way my DC acts also as a firewall.

Virutalbox (VMWare) isnt the same thing.

Grand Master

PGHammer

Posted
Posted

Hey

Just to train (and play around), I'm looking to build a PC to use as a Active Directoy domain controller (among other things) This will be its only use and frankly only 2 PCs in my home can connect to a domain. So key here is budget. The only thing I see really is 2 ethernet ports. That's it.

Thanks!

For a lab-type DC, here's the spec skinny (my take):

CPU - Intel Core i5 (LGA1155) - Quad-core makes way too much sense for any sort of domain controller (even one for a micro-domain); however, you don't need HT for a lab-based DC (and you wouldn't overclock a server, let alone a DC, therefore no K-series). Safe bets - i5-2300 or i5-2310 (either is $179.99 @ Newegg)

Motherboard - BIOSTAR TZ77A - A Z chipset for a server sounds nuts; however, hear me out. Intel Rapid Storage Technology is certainly usable by a server (especially a low-end server) when you have an SSD (used as cache) and a RAID boot array. Also, you can completely forgo a discrete graphics card altogether. It's also a mere $109.99 at Newegg. Alternative - BIOSTAR TZ77B (6-phase PWM, vs. 8-phase PWM in the TZ77A, and $20 less at Newegg).

RAM - TEAM 16 GB (4GB x4) DDR3-1333 - Sandy Bridge can't normally use faster-speed memory than DDR3-1333 - in fact, it will actually underclock it in normal operation; why pay more for a faster speed you will never use? Hence my going bargain here - $69.98 at Newegg (use promo code EMCNFHF44 by April 30th to save an additional fifteen percent)

Secondary Ethernet - Intel EXPI9301 PCIe X1 gigabit adapter - Surprisingly, Intel gigabit is cheaper standalone than at the PHY level, and this is as solid (and as inexpensive) as Intel gigabit gets. $29.99 at Newegg.

Storage (internal SSD) - SAMSUNG 830 Series 64GB 2.5" SSD - When it comes to SSDs, there's Samsung, Intel - and everyone else. If Intel is too pricey, then Samsung is your only real choice. $104.99 at Newegg (MZ-7PC064B/WW)

Storage (RAID) - Western Digital Caviar Green WD15EARS x2 - These are the non-IntelliPower members of the Caviar Green family in this size (1.5 TB each) - $219.98 for the pair at Newegg.

OS - Windows Server 8 beta - The beta version of Microsoft's next Windows Server (Windows Server 2012); thus perfect for a lab. Cost - none (download from Microsoft TechNet or MSDN).

Grand Master

sc302 Veteran

Posted
  • Veteran
Posted

In a proper DC setup you do..

ETH1 ETH2

Modem -------- > DC ---------> Switch/Router

This way my DC acts also as a firewall.

Virutalbox (VMWare) isnt the same thing.

no you don't. the dc belongs behind the switch/router. The only time that you would have something that assinine is if you had a proxy server (isa server or forefront server). For a proper dc setup 1 network card is more than enough. I have been setting up proper Domain Controllers for years and I have never ever done or seen anything like this.

You can pick up a cheap supermicro server and do what you need to. dual nics is more for redundancy than anything else, if one nic fails the other is there to continue on. This is known as nic teaming. Nic teaming is the proper way to setup a DC, plugging the nics into two different switches so that even if a switch fails completely the other switch still has access to the dc. It is about redundancy not whatever you did there. The DC does not act as a firewall, it is not meant to and this creates a security risk by putting your user db on the outside of the firewall...might as well give the hacking community the keys to your house too.

Mentor

htcz

Posted
  • Author
Posted

no you don't. the dc belongs behind the switch/router. The only time that you would have something that assinine is if you had a proxy server (isa server or forefront server). For a proper dc setup 1 network card is more than enough. I have been setting up proper Domain Controllers for years and I have never ever done or seen anything like this.

You can pick up a cheap supermicro server and do what you need to. dual nics is more for redundancy than anything else, if one nic fails the other is there to continue on. This is known as nic teaming. Nic teaming is the proper way to setup a DC, plugging the nics into two different switches so that even if a switch fails completely the other switch still has access to the dc. It is about redundancy not whatever you did there. The DC does not act as a firewall, it is not meant to and this creates a security risk by putting your user db on the outside of the firewall...might as well give the hacking community the keys to your house too.

Im not sure what you understood so Ill put it downwards.

(Internet)

|

|

|

[MODEM]

|

|

|

|

V

[DC]

|

|

|

|

V

[sWITCH/ROUTER]

|

|

|

|

V

[PC]

I need dual NICs to control (or analyze if you might want to call it like that) what comes into the network (from external sources) to what comes out ONTO the network (the switch/router). Since there are only 2 possible PCs here that can connect to a domain, Ill trust everything inside the network.

Grand Master

sc302 Veteran

Posted
  • Veteran
Posted

Let me put it to you like this. Your dc has a trusted and untrusted interface. Your dc with your AD database that includes your user information in the SAM, passwords as well as usernames, group info, share rights, etc...and you are OK with this? This is about as secure as leaving your car running, keys in the ignition, door wide open, in the bad area in town with your pants around your ankles and a sign asking for a guy named bubba to come and ram a stick in your rear then take your car.

If you want it to be secure, dc behind the firewall, and a forefront threat management gateway server to handle your traffic monitoring with 2 nics for an unsecure and secure side. That is the proper way to do it, Microsoft wise. The forefront server becomes the firewall, not the DC.

Mentor

htcz

Posted
  • Author
Posted

For a lab-type DC, here's the spec skinny (my take):

CPU - Intel Core i5 (LGA1155) - Quad-core makes way too much sense for any sort of domain controller (even one for a micro-domain); however, you don't need HT for a lab-based DC (and you wouldn't overclock a server, let alone a DC, therefore no K-series). Safe bets - i5-2300 or i5-2310 (either is $179.99 @ Newegg)

Motherboard - BIOSTAR TZ77A - A Z chipset for a server sounds nuts; however, hear me out. Intel Rapid Storage Technology is certainly usable by a server (especially a low-end server) when you have an SSD (used as cache) and a RAID boot array. Also, you can completely forgo a discrete graphics card altogether. It's also a mere $109.99 at Newegg. Alternative - BIOSTAR TZ77B (6-phase PWM, vs. 8-phase PWM in the TZ77A, and $20 less at Newegg).

RAM - TEAM 16 GB (4GB x4) DDR3-1333 - Sandy Bridge can't normally use faster-speed memory than DDR3-1333 - in fact, it will actually underclock it in normal operation; why pay more for a faster speed you will never use? Hence my going bargain here - $69.98 at Newegg (use promo code EMCNFHF44 by April 30th to save an additional fifteen percent)

Secondary Ethernet - Intel EXPI9301 PCIe X1 gigabit adapter - Surprisingly, Intel gigabit is cheaper standalone than at the PHY level, and this is as solid (and as inexpensive) as Intel gigabit gets. $29.99 at Newegg.

Storage (internal SSD) - SAMSUNG 830 Series 64GB 2.5" SSD - When it comes to SSDs, there's Samsung, Intel - and everyone else. If Intel is too pricey, then Samsung is your only real choice. $104.99 at Newegg (MZ-7PC064B/WW)

Storage (RAID) - Western Digital Caviar Green WD15EARS x2 - These are the non-IntelliPower members of the Caviar Green family in this size (1.5 TB each) - $219.98 for the pair at Newegg.

OS - Windows Server 8 beta - The beta version of Microsoft's next Windows Server (Windows Server 2012); thus perfect for a lab. Cost - none (download from Microsoft TechNet or MSDN).

For a lab-type DC, here's the spec skinny (my take):

CPU - Intel Core i5 (LGA1155) - Quad-core makes way too much sense for any sort of domain controller (even one for a micro-domain); however, you don't need HT for a lab-based DC (and you wouldn't overclock a server, let alone a DC, therefore no K-series). Safe bets - i5-2300 or i5-2310 (either is $179.99 @ Newegg)

Motherboard - BIOSTAR TZ77A - A Z chipset for a server sounds nuts; however, hear me out. Intel Rapid Storage Technology is certainly usable by a server (especially a low-end server) when you have an SSD (used as cache) and a RAID boot array. Also, you can completely forgo a discrete graphics card altogether. It's also a mere $109.99 at Newegg. Alternative - BIOSTAR TZ77B (6-phase PWM, vs. 8-phase PWM in the TZ77A, and $20 less at Newegg).

RAM - TEAM 16 GB (4GB x4) DDR3-1333 - Sandy Bridge can't normally use faster-speed memory than DDR3-1333 - in fact, it will actually underclock it in normal operation; why pay more for a faster speed you will never use? Hence my going bargain here - $69.98 at Newegg (use promo code EMCNFHF44 by April 30th to save an additional fifteen percent)

Secondary Ethernet - Intel EXPI9301 PCIe X1 gigabit adapter - Surprisingly, Intel gigabit is cheaper standalone than at the PHY level, and this is as solid (and as inexpensive) as Intel gigabit gets. $29.99 at Newegg.

Storage (internal SSD) - SAMSUNG 830 Series 64GB 2.5" SSD - When it comes to SSDs, there's Samsung, Intel - and everyone else. If Intel is too pricey, then Samsung is your only real choice. $104.99 at Newegg (MZ-7PC064B/WW)

Storage (RAID) - Western Digital Caviar Green WD15EARS x2 - These are the non-IntelliPower members of the Caviar Green family in this size (1.5 TB each) - $219.98 for the pair at Newegg.

OS - Windows Server 8 beta - The beta version of Microsoft's next Windows Server (Windows Server 2012); thus perfect for a lab. Cost - none (download from Microsoft TechNet or MSDN).

Overkill for a pet project with only 2 clients.

Mentor

htcz

Posted
  • Author
Posted

Why did you even ask for help if all you are doing is arguing?

:/ Im not arguing. PGHammer's specs were WAY over the line/budget for a simple physical test. Ive player around with a Virutalbox but it is not the same. sc302 misunderstood me in the first post he made and now I read his second (did not notice it)

Thanks to all for the help.

Veteran

REM2000

Posted
Posted

I suppose one of the questions is what version of Windows are you using for the AD? If it's windows 2003 you could get by on a P4 and 512MB RAM, if it's Windows 2008R2 you'll need a 64bit processor and 1GB RAM, that is if all your doing is AD, you've only got a couple of potential machines connecting to it so your not going to tax it. So really any processor you buy will be fine, as it's a pet project just buy the cheapest machine you can.

Also in a production environment i wouldn't have the domain controller connected directly to anything apart from the switch with one nic, two if you want fall over.

Experienced

ShMaunder

Posted
Posted

You can use any old PC hardware for just an AD. I run my home network on an Intel Atom and this runs a Linux VM, AD/DNS/DHCP, file serving and a PS3 media server. The only thing it doesn't do that well at is the PS3 media server when it has to re-encode a big file on the fly.

I agree with sc302 with the double NIC thing. You don't want to be exposing your AD to the external web. Suppose instead you could do a ESXi setup but I would guess the network routing configuration would be complicated to say the least.

Mentor

htcz

Posted
  • Author
Posted

Let me put it to you like this. Your dc has a trusted and untrusted interface.

By interface, I understand (once again) 2 NICs....

Your dc with your AD database that includes your user information in the SAM, passwords as well as usernames, group info, share rights, etc...and you are OK with this?

This implementation will not be a production area. It will be at my home with 2 PCs that contain nothing "important" to the public eye.

This is about as secure as leaving your car running, keys in the ignition, door wide open, in the bad area in town with your pants around your ankles and a sign asking for a guy named bubba to come and ram a stick in your rear then take your car.

Vast exaggeration. The car is not running because you need a password to run it. The door may be unlocked but the town only has about 10 citizens, none what so ever tech orientated (all the wifi signals in my neighboorhood are WEP :laugh: ) so there is no bubba, no sign, and no stick.

Would I even consider implementing a system like this in a production system? No way. I would consider my options (obviously you have given great advice so thank you) and then implement it another way.

If you want it to be secure, dc behind the firewall, and a forefront threat management gateway server to handle your traffic monitoring with 2 nics for an unsecure and secure side. That is the proper way to do it, Microsoft wise. The forefront server becomes the firewall, not the DC.

So your setup would be something like { Things in () are software/non existing/virtual/etc components and things in [] are hardware components } :

(Internet)

|

|

|

[MODEM]

|

|

|

|

V

(Firewall)

|

|

|

|

V

[DC]

|

|

|

|

V

[sWITCH/ROUTER]

|

|

|

|

V

[PC]

There is something a bit bugging me which maybe is my fault of lack of knowledge. On the DC, I can simply put a firewall for incoming connections and on the switch/router (which runs DD-WRT) I can put another firewall, making the DC be in a DMZ zone. I THINK what you are trying to get it is using another piece of equipment before the DC to use as a more secure firewall, which obviously is not the topic at hand :)

After all this conversation (and of course learning a thing or two), lets stick to the topic: Building a PC to be used as a Active Directory domain controller. Lets forget about security, setup, etc. for now. I just want to build a PC to be used as a Active Directory domain controller (hence why in the hardware section of Neowin)

The most I want out of this PC is probably getting the clients on the domain and Group Policy. After that, I really don't want much else out of it. Thats why it has to be budget :)

Grand Master

xendrome

Posted
Posted

no you don't. the dc belongs behind the switch/router. The only time that you would have something that assinine is if you had a proxy server (isa server or forefront server). For a proper dc setup 1 network card is more than enough. I have been setting up proper Domain Controllers for years and I have never ever done or seen anything like this.

You can pick up a cheap supermicro server and do what you need to. dual nics is more for redundancy than anything else, if one nic fails the other is there to continue on. This is known as nic teaming. Nic teaming is the proper way to setup a DC, plugging the nics into two different switches so that even if a switch fails completely the other switch still has access to the dc. It is about redundancy not whatever you did there. The DC does not act as a firewall, it is not meant to and this creates a security risk by putting your user db on the outside of the firewall...might as well give the hacking community the keys to your house too.

All of this is correct, you don't need 2 NICs for a DC unless like he says you are worried about redundancy... I am not sure why you would put a DC between your Modem and Router. The only box that should be there in a normal network if you are using one would be a Proxy/Firewall system...

Mentor

htcz

Posted
  • Author
Posted

I suppose one of the questions is what version of Windows are you using for the AD? If it's windows 2003 you could get by on a P4 and 512MB RAM, if it's Windows 2008R2 you'll need a 64bit processor and 1GB RAM, that is if all your doing is AD, you've only got a couple of potential machines connecting to it so your not going to tax it. So really any processor you buy will be fine, as it's a pet project just buy the cheapest machine you can.

Also in a production environment i wouldn't have the domain controller connected directly to anything apart from the switch with one nic, two if you want fall over.

Well Im going to start with Windows Server 2008 R2 but once released, Ill go with Windows Server 2012. This means that (at beta time) the min requirements will be a 64 bit processor running at least 1.4 GHz, 512 MB of RAM, and at least 32GB of free space. Obviously, a bit more is needed as min requirements are not always the best and I may mess around with our things as well (Exchange servers, DNS/DHCP, etc) in the future.

You can use any old PC hardware for just an AD. I run my home network on an Intel Atom and this runs a Linux VM, AD/DNS/DHCP, file serving and a PS3 media server. The only thing it doesn't do that well at is the PS3 media server when it has to re-encode a big file on the fly.

I agree with sc302 with the double NIC thing. You don't want to be exposing your AD to the external web. Suppose instead you could do a ESXi setup but I would guess the network routing configuration would be complicated to say the least.

Pretty much same as above :)

Mentor

giantsnyy

Posted
Posted

Honestly for just a domain controller, I would keep the hardware specs to the minimum requirements for Windows Server or slightly above. If the machine will act solely as a DC (and maybe some small file storage), then it will only be handling authentications, which takes up almost no system resources.

I have servers at work using 2.4Ghz Athlon 64's with 512MB ram running Server 2003R2 that function as domain controllers for 50+ users easily.

Mentor

htcz

Posted
  • Author
Posted

I got this cheap list (cheapest products unless it was a nobrand vs a brand and the cost was min):

Gigabyte GA-H61M-DS2 41 euros

Intel Dual Core G620 2.6Ghz Box Socket 1155 53 euros

WD Caviar Blue 250GB SATA3 62 euros

Kingston ValueRAM 4GB DDR3 1333 PC3-10600 CL9 23 euros

Sony AD-5280S-0B DVD-RW 24X Black OEM 16.50 euros

Cooler Master Elite 342 MicroATX 27 euros

B-Move PSU 450W 17.95 euros

Total: 240.45 euros

I can cutdown to 2GB on the RAM and on the case....

Grand Master

majortom1981

Posted
Posted

The only thing you want is for the OS hdd to be raided in a mirror so that if one hdd dies you still have the other as a backup.

If your using 2008 or 2008 r2 i also advise an external hdd to be used as a backup drive for windows server backup.

Thats what I would recommend for a domain controller.

Mentor

htcz

Posted
  • Author
Posted

Why can't you understand that you don't need two NICs. One will be sufficient.

OK, then I guess, since we continue to make the software side a issue, we will have this setup:

(Internet)

|

|

|

[MODEM]

|

|

|

|

V

[sWITCH/ROUTER (Firewall)]

| |

| |

| |

| |

V V

[PC] [DC]

Mentor

htcz

Posted
  • Author
Posted

The only thing you want is for the OS hdd to be raided in a mirror so that if one hdd dies you still have the other as a backup.

If your using 2008 or 2008 r2 i also advise an external hdd to be used as a backup drive for windows server backup.

Thats what I would recommend for a domain controller.

Once again, this is not a production system. If the HDD dies, Ill just simply send it back, get a replacement, and reinstall.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • 4TB TEAMGROUP MP44Q, 2TB T-Force G50, and 2TB WD My Passport SSDs drop to great prices

      By ryansurfer98 · Posted

      Neowin is saying these are good prices? Thats crazy. As others have said they are just ######. Time for big tech to bring down the prices for real not this fake crap.
    • Hands on with iFlyTek AINote 2 E-Ink tablet: insanely thin and smart

      By The Werewolf · Posted

      The iFlyTek AINote 2 is among the thinnest E-Ink tablets. It has an EMR stylus, a built-in fingerprint reader, and plenty of built-in AI features. You had me until "and plenty of built-in AI features." That and any company that still does the iProduct naming trope is an immediate pass. It suggests the company isn't very imaginative or creative and is trying to piggyback off another company's success. Extremely lame. Also kind of expensive. Better choices at lower prices out there.
    • 4TB TEAMGROUP MP44Q, 2TB T-Force G50, and 2TB WD My Passport SSDs drop to great prices

      By The Werewolf · Posted

      These are not "great" prices... just "less awful". Apparently "Those who forget the past are doomed to pay higher prices and think they've won."
    • The Trump administration doesn't want you to use OpenAI's GPT-5.6 without its approval

      By monterxz · Posted

      Russia was able to invade Crimea because of those people. But my point is that I've personally heard how great it was to be "back in Russia" right afterwards - look how great it is now. I've asked you a question in another comment which you haven't answered, so I'll ask it again: is it better now without "Europrats"?
    • ZimaBoard 2 1664 Starter Kit review: it's a cool and affordable DIY NAS

      By Steven P. · Posted

      ZimaBoard 2 1664 Starter Kit review: it's a cool and affordable DIY NAS by Steven Parker IceWhale Technology reached out to me asking if I was interested in testing the ZimaBoard 2, and after convincing them to send me the Starter Kit, it arrived at my doorstep in May. A bit of background: it is a Shanghai-based Chinese company founded in 2020, which specializes in single-board servers and personal cloud solutions. From searching around online, user feedback on the company and ZimaOS is mostly positive, so we're off to a good start. In addition, I should probably point out that although they do not have a large portfolio of NAS devices, with just four of what they do offer, they seem to have covered everything from a relatively low-priced entry point with the ZimaBoard 2, right up to the high end, with the ZimaCube 2 Creator Pack that even includes an NVIDIA RTX PRO 2000. Anyway, as already mentioned, what we have today is the ZimaBoard 2 Starter Kit, and here are the full specifications: ZimaBoard 2 Model 832, 1664 CPU Intel Core N150 (4x E Cores/Threads, Max burst up to 3.6 GHz) TDP: 6W (Base) 10W (Max) Graphics Intel UHD Graphics 24 EUs (1.00 GHz) Memory 8 GB, 16 GB DDR5 4800MT/s non ECC SODIMM (soldered) Disk Capacity 60 TB (30 TB x 2) Supported RAID Types TRAID, TRAID +, RAID0, RAID1, RAID5, RAID 6, RAID 10 Storage 2 x SATA 3.0 6Gb/s Ports with Power Bootloader 32 GB, 64 GB eMMC Network 2x RJ-45 2.5 GbE PCIe 1 x PCIe 3.0 (via LPC) USB Ports 2 x USB-A 3.1 (5 Gbps) Display Mini-DisplayPort 1.4 (4K@60Hz) Hardware Transcoding Engine H.264, H.265, MPEG-4, VC-1 Maximum resolution: 4K (4096 x 2160); Maximum FPS: 60 Virtualization Intel® AES New Instructions Intel® Virtualization Technology (VT-x) Intel® Virtualization Technology for Directed I/O (VT-d) Size (H/W/D) 140mm x 83mm x 31mm Weight 0.4 kg (only ZimaBoard 2 device) Power 12v 5A Power Supply Warranty 1 year (Global) 2 Years (EU) OS ZimaOS v1.6.1 MSRP $339, $399 ($548.60) As you can see above, there are two variants of the ZimaBoard 2. The lesser variant has half the eMMC storage and 8 GB less RAM, although it also costs $60 less than the top variant we are testing today. The above pricing is only for the ZimaBoard 2. I put the MSRP of the Starter Kit next to it in brackets, although as of publishing, it is discounted to $534.50. The ZimaBoard 2 started life on Kickstarter and shipped to backers in August last year. It became available via the official website in late 2025 and Q1 2026. This hobbyist NAS contains the still relatively new N150 Intel CPU released in the first quarter of 2025, with support for DisplayPort 1.4, HDMI 2.1, although in this case, the memory is integrated into the board itself, so it will not be possible to upgrade or expand the amount. It also supports AV1 decoding, as well as H.264, VP8, VP9, H.265 (8 bit), and H.265 (10 bit). The different capabilities in the Alder Lake-N (and Twin Lake) series are listed below. Processor E-cores L3-cache Turbo clock GPU GPU-clock TDP Intel N355 8 6 MB 3.9 GHz 32 EUs 1.35 GHz 9 W Intel Core 3 N350 3.9 GHz 1.35 GHz 7 W Intel Core i3-N305 3.8 GHz 1.25 GHz 9 W Intel Core i3-N300 3.8 GHz 1.25 GHz Intel N250 4 3.8 GHz 1.25 GHz 6 W Intel Processor N200 3.7 GHz 0.75 GHz Intel N150 3.6 GHz 24 EUs 1 GHz Intel N97 1.2 GHz 12 W Intel Processor N100 3.4 GHz 0.75 GHz 6 W The CPU is part of the Twin Lake series that sits near the bottom of the N-series, designed for low- powered systems and entry-level laptops, and as such has a base level TDP of just 6W. As I have noted before, we are seeing another NAS with a great amount of RAM. It's important to mention that the ZimaBoard 2's memory is integrated into the base board (which is why they have two variants of it). As a reminder, up until a couple of years ago, it was commonplace to only get 2 or 4GB max on a flagship Synology or QNAP home NAS. Ever since the likes of TerraMaster and more have entered the market with ample RAM sizes included in their NAS offerings, it has gone a long way in forcing the hands of the traditional makers to up their game a bit. First impressions The Starter Kit came in one outer box with several packages inside it (shown above). I forgot to take pics of it because when it arrived, it wasn't clear what was inside, and I had to confirm with my contact that I received the entire Starter Kit. In the box ZimaBoard 2 ZimaBoard 2 HDD Expansion Bracket + PCIe card frame Zimaboard Mini DisplayPort Male to HDMI Female Cable 4K 60Hz Zimaboard PCIe 3.0 x4 to Dual NVMe M.2 SSD Adapter Card Quick guide [full online guide] Limited warranty notice Screws Design Where to start? You'd be forgiven for mistaking it as an SSD enclosure if not for all the ports on it. It is completely made out of metal, and the top is an entire heatsink. It has a premium feel about it, but it definitely looks like a hobby device. As you will see, the completed build looks like it belongs in a server or meter closet rather than as a showpiece on someone's desk. On what I am calling the rear, there's a Mini DisplayPort (1.4), two 2.5 GbE ports, with Type A 3.1 USB ports, and then the barrel connector port. Around the front, there are two SATA6 ports with a power connector in the middle. Left side Right side One side is completely free of ports. On the other there's a slit that allows for the feed of a CPU fan cable, and a PCIe 3.0 X4 slot. Top Bottom The top is entirely made up of a heatsink except for the extended height for the I/O on the rear. Around the other side, you can find the ZIMA branding and some regulatory information stamped near the bottom. As you may see from the bottom of the ZimaBoard 2, it scratches quite easily from just moving it around on my Ikea island. Teardown Before we get started, let's have a look at this thing on the inside. The steps to get to the board are as follows: Remove the four smaller Torx screws on the bottom of the ZimaBoard 2; Remove the four larger Torx screws on the sides of the device; Carefully unstick the CMOS battery from the PCB; Remove two Phillips screws on the PCB; Lift out the PCB. Yes, as you can tell from the instructions, you need three different tools to remove Torx and Phillips screws (10 in total), and unhelpfully, one of the screws is located under the CMOS battery, which is stuck onto the PCB. Building Now comes the fun part. Because the ZimaSpace website does not provide any guidance on how to put the Starter Kit together. They only have guidance for connecting the CPU fan. However, they did upload a video to their YouTube channel that shows the entire process. To install the fan, first remove the four screws on the bottom of the ZimaBoard 2, then on the inside, there is a CPU FAN connector where you can attach the fan, reattach the ZimaBoard 2 frame, and feed the fan cable through the provided slit. Then remove the nearest screw on the side and attach the fan frame to the side of the device using the same screw. ZimaBard 2 screws Aligning the screws Bottom view Remember those four screws we removed to access the CPU FAN? Longer screws are provided in the box with the HDD Expansion Bracket, which is what you will now need to attach the ZimaBoard 2 to it. Helpfully, the orientation on how to attach it is made obvious when the frame can only be screwed on at the same overall length as the ZimaBoard 2. If you do it the wrong way around (which is what I did initially) one side hangs off the frame, and it becomes difficult to attach the PCIe Adapter Card cable. PCIe card frame Other side PCIe slot connector Next, it's time to attach the PCIe card frame, which is fastened with the help of 3.5-inch SATA HDD (3 screws). These are toolless screws that you can just use your fingers to fasten them with. Then it is time to connect the provided PCIe cable with the slot connector on one side of the ZimaBoard 2, feed it through the bottom of the HDD frame, and fasten it with two standoffs. Both bracket options 2280 standoffs with 2x 4TB MP44Q The PCIe 3.0 X4 card comes with a short bracket option, handy if you decide to place it inside a different NAS or rack server, but here we need the long bracket. Oddly enough, the M.2 standoffs were preinstalled into the 22110 position, but extra standoffs are included in the box, which I installed at the 2280 position for our use. I added a couple of MP44Q M.2 PCIe 4.0 SSDs (2 x 4TB) that can be availed on Amazon for $478.99 (the lowest price for 3 months) that TEAMGROUP supplied us with Then we have the almost completed build, you just need to push the card into the PCIe slot. Unfortunately, IceWhale Technologies did not provide a screw for the PCIe card frame (this is also apparent in their own video). Here it is at several different angles, with the last pic showing the SATA Y-Cable connected to the two WD Red Plus 4TB drives. Setup and Usage Next, you connect your cables to the I/O, and the ZimaBoard 2 powers on automatically, as there is no power button on the device. Power is controlled through the Settings in ZimaOS. BIOS The ZimaBoard 2 includes an Aptio BIOS from American Megatrends [1, 2, 3], and you can setup pretty much everything here including the boot order, which is locked to the UEFI OS, however above that choice you can enable or disable booting to a SATA/USB bootloader so this would still allow you to switch to an alternative bootloader and boot from it, or disable it to instead always start from the first disk with an OS installed on it. Initial Setup Upon connecting to the LAN and booting up, the ZimaBoard 2 can be reached by navigating to the IP address (shown if you have a monitor connected), or you can find it using the ZIMA Client desktop application, which is essentially a Zima device finder. Initializing the ZimaBoard 2 The ZimaOS setup process is pretty straightforward, through a wizard, and in full above, it basically consists of setting up an account and some handy tips, and that's that! Post Setup (ZimaOS update) Upon first boot, you are alerted that there is a ZimaOS update from 1.5.0 to 1.6.1, which I applied; the full process is shown above with the changelog. ZimaBoard 2 Storage Setup Next, it is time to set up the storage. ZimaOS actually throws everything onto the eMMC flash drive; it is also the default location of AppData, which is definitely something to be wary about, as the 45GB available storage could fill up quickly. HDDs I first attempted to create a Storage Pool using the two 4TB WD Red Plus NAS drives, and got an error message: After several attempts and then looking online, I discovered it was a bug with ZimaOS where the fix was simply to reboot ZimaOS and then try again, this time I was able to create a RAID mirror using the two drives. SSDs I did the same for the SSDs, as you will see in the above gallery, when I created the second Storage Pool, it only allowed me to select available drives. ZimaBoard 2 AppData ZimaOS comes with an App Store that includes a repository of almost 400 apps, so you will be able to find most of what you'll need for a NAS (although after a quick search, I wasn't able to find a Surveillance Manager), and now comes the important part: moving the default AppData location off the 45GB eMMC and onto a larger volume: Open Settings Then Apps Then, in the Select a new location field, click on the new Storage volume you want to move it to (in my case, the Apps Storage Pool), which is the SSD RAID mirror. Confirm the Migration warning Be praised! You can also do this for Docker (which by default installs onto the 45GB eMMC flash drive) and the User database. Plex Setup Next, I tested the configuration by installing the Plex Server app from the App Store. The library folders must already exist (which I placed into the Storage Pool). Plex Server setup is straightforward and requires very little configuration. In my case, all I had to do was add the media path I just created, which you can also browse to using the folder icon in the path field. In addition, you can now map the new Media library in Windows Explorer using the Zima Client. Oddly enough, it is not possible to access the ZimaBoard 2 over the Network Neighborhood; you must map drives using the client, which is shown in the last image in the above gallery. I watched one of my Blu-Ray rips, which is Dolby Vision with Dolby Atmos, and the content played fine with no stuttering or buffering, which is what anyone needs in this scenario. ZimaBoard 2 Zima Client mobile app There's also a client for mobile. It is pretty barebones, as shown in the above gallery, for example, the Apps screen launches the WebUI for that app, and the Backup must be done manually. On opening Backup, you can select internal storage folders on your phone to backup to the ZimaBoard 2's storage, and although this is constantly scanned, the backup action itself must be manually triggered. There is an option to allow foreground backup (last image in the above gallery), but this basically means the queued backup gets triggered when you manually open the app. Benchmarking SATA PCIe 3.0 X4 A CrystalDiskMark test on a mapped network drive from within a Windows 11 25H2 PC (image above) connected over a 2.5 GbE was well within acceptable ranges. Writes were generally better on the SSD RAID mirror. SATA PCIe 3.0 X1 I also ran the NAS Performance tester, which tests the link speed performance. As you can see, it pretty much maxes out the 2.5GbE connection. Of course, you can also opt to bond the two 2.5 GbE connections for a bit more umph, but I didn't do that. Thermals Top PCIe card SATA HDDs Next, I measured some hotspots while playing content on Plex. It's fair to say this will perform better than a NAS that is enclosed in a metal or plastic case, as almost everything storage-wise is exposed! Anyway, the ZimaBoard 2 did not break a sweat with Plex streaming or disk benchmarks. ZimaOS Factory Reset ZimaOS does not include a factory reset option. Instead, you have to download the ZimaOS image and flash it to the eMMC manually. The flashing process is shown in the above gallery. The steps to do so are listed below: Download the ZimaOS image here; Open BalenaEtcher (Run as Administrator) and select the image; Select your inserted USB drive (min 8 GB) Flash to it; Connect your USB drive, monitor, keyboard, USB hub (optional), mouse (optional), and network cable (recommended) to the ZimaBoard 2; Connect power and press F11 continuously; Select your USB drive starting with UEFI in the boot device menu; Press Enter on the Install ZimaOS option; Select /dev/mmcblk0 (MMC) flash drive as target; Confirm with (three times) to wipe the target disk; Wait a couple of minutes while ZimaOS installs; Remove the USB drive and confirm with a reboot; Your ZimaBoard 2 has been factory reset. However, you don't have to stick with ZimaOS, in fact the company also offers official CasaOS images, that are based on Debian; or as they say themselves, put anything you want on this "hackable single board server" it's up to you. Conclusion I had a lot of fun putting this together. I've custom-built all my own PCs and servers since the 90s, and this is the first time I have had to put a NAS together. Even if the actual base ZimaBoard 2 was already a completed build, it still feels pretty custom. I just wish that IceWhale Technology included a getting-started guide in the box for the Start Kit, which would have really completed this kit. Instead, I had to search for the official video on the YouTube channel to make sure I wasn't doing anything wrong. So who is this for? Definitely the hobbyist who is comfortable building their own PC and servers. It also has a much smaller footprint than its nearest equivalent (in terms of specs), like the Beelink Me Pro, which is another NAS I will be testing soon. Although the Beelink does not come with the PCIe 3.0 X4 expansion, the ZimaBoard 2 Starter Kit suddenly looks to be a great bargain, even if it only offers the two 3.5-inch bays over the four in the other example. It makes a lot of sense to use Intel's N150 chip inside a NAS; it is more than capable of doing what the ZimaBoard 2 is intended for, media streaming and backup. It also looks like the IceWhale Technology staff are quite active in the official forums helping people with issues they come across with ZimaOS and the devices, peer support seems to be good as well, I was quickly able to find why I was not able to create a new Storage Pool in ZimaOS v1.6.1 even though that is quite a serious bug, hopefully it will be fixed in the next update. If you are comfortable with the command line and Docker, you'll be fine. You can do great things with this hardware. This was my first time with ZimaOS. It seems a bit barebones in comparison to the likes of Synology DSM, TOS, and UGOS, but it has a ton of apps to get you started with your home or small business NAS. Where to buy As of publishing, IceWhale Technology is running a discount of up to 5% for the Starter Kit. If you opt to get just the ZimaBoard 2 itself, it does come with a SATA Y-Cable, so you will be able to connect up to two 3.5-inch HDDs to it. ZimaBoard 2 1668 Starter Kit for $534.50 on Amazon US (was $548.60) ZimaBoard 2 832 Starter Kit for $372.88 on Amazon US (was $390.60) Zimaboard 2 1668 (16GB+64GB) for $419.90 on Amazon US Zimaboard 2 832 (8GB+32GB) for $359.90 on Amazon Disclosure: IceWhale Technology provided a free sample without any editorial input or review pre-approval. Good to know The Amazon link is U.S. specific, and not available in other regions unless specified. We only use first-party seller links (at the time of article publishing); ensure that you purchase from a first-party seller link only. Check out Today's Deals on Amazon | or our recent tech deals. Become a Prime member (for Students or SNAP) via Neowin Get Prime Access - Prime for half price (for qualifying Medicaid, EBT, SNAP) Subscribe to Prime Video, Audible Plus, Music Unlimited or Kindle Unlimited via Neowin As an Amazon Associate, when you purchase through links on our site, we earn from qualifying purchases.

  • Recent Achievements

    • Week One Done
      flexorcist earned a badge
      Week One Done
    • One Month Later
      Woland13 earned a badge
      One Month Later
    • Week One Done
      Woland13 earned a badge
      Week One Done
    • One Year In
      bernmeister earned a badge
      One Year In
    • Week One Done
      Scoobystu earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      487
    2. 2
      +Edouard
      220
    3. 3
      PsYcHoKiLLa
      147
    4. 4
      Steven P.
      74
    5. 5
      FloatingFatMan
      70
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!