This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.
Course Of The Month
5 days, 10 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Creating a Trust Relationship between two Domain Controllers.
Posted on 2004-09-23
Hello again, here is my situation.
Scheduled for this saturday. I am going to be removing a file server(fs1) that we currently have and replacing it with a new file server (fs2). We currently have a DC controller(apps1) setup on the network, however this is just used for terminal services. None of the client machines connect to apps1. We would like to be able to setup a trust relationship between fs2 and apps1. However i do not know the process at which this would be done, since apps1 is already a DC. Also, all client machines are running Windows XP Professional, after joining them to the domain, how can i keep all of their desktop settings, etc. I will be completing this on Saturday, so any thoughts would be great?
Thanks :)
Scheduled for this saturday. I am going to be removing a file server(fs1) that we currently have and replacing it with a new file server (fs2). We currently have a DC controller(apps1) setup on the network, however this is just used for terminal services. None of the client machines connect to apps1. We would like to be able to setup a trust relationship between fs2 and apps1. However i do not know the process at which this would be done, since apps1 is already a DC. Also, all client machines are running Windows XP Professional, after joining them to the domain, how can i keep all of their desktop settings, etc. I will be completing this on Saturday, so any thoughts would be great?
Thanks :)
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
5
5-
5
15 Comments
So I take it that you currently do not have a domain and that fs2 will be the PDC?
For your users' profile data, ie: desktop settings:
Once the users log in then you will need to copy their local profiles over to their domain account. Open up the system folder and go to the advance tab. Under user profiles, select settings. This will give you a list of all user profiles on the computer....the new domains accounts will have the domain name in front. You will need to copy the local profile to the domain profile.
For the trust relationship, if the 2 servers are in 2 different domains then you can use active directory domains and trusts to setup the relationship. But if they are in the same domain, then you don't need a trust relationship.
For your users' profile data, ie: desktop settings:
Once the users log in then you will need to copy their local profiles over to their domain account. Open up the system folder and go to the advance tab. Under user profiles, select settings. This will give you a list of all user profiles on the computer....the new domains accounts will have the domain name in front. You will need to copy the local profile to the domain profile.
For the trust relationship, if the 2 servers are in 2 different domains then you can use active directory domains and trusts to setup the relationship. But if they are in the same domain, then you don't need a trust relationship.
i think you are going about this in the wrong way.... you dont need a trust at all.... a trust is if you have 2 domains, you only have one, and you only need one. FS2 doesn't need to be a DC at all from what you have told us. Is there another reason that FS2 needs to be a DC? Where do your users currently store thier desktop settings? Locallly or on FS1? IE are you using roamin or local profiles. FYI...PDC and BDC are NT 4.0 terms,, they are not used in 2000/2003 domains except the PDC emulator FSMO role which is used for backward compatablity if you have NT4 DCs still on your network.
Yes, I made a mistake...mikeleebrla is right: there is no PDC in post NT so I should have asked if fs2 would be the machine authenticating users.
FS1 is our current file server - Stores network shares.
FS2 is our new File Server - Will store all of our network shares, when FS1 is replaced.
App1 - is our application server, used for sales to access an accounting application remotely via Terminal services(we have about 14 sales people logining in at 1 time) this has been promoted to a DC because terminal services does not run without this installed.
Also, none of the client computers are joined to App1 they are just joined to a workgroup.
All client computers have local profiles... luv2smile thanks for your help :)
FS2 is our new File Server - Will store all of our network shares, when FS1 is replaced.
App1 - is our application server, used for sales to access an accounting application remotely via Terminal services(we have about 14 sales people logining in at 1 time) this has been promoted to a DC because terminal services does not run without this installed.
Also, none of the client computers are joined to App1 they are just joined to a workgroup.
All client computers have local profiles... luv2smile thanks for your help :)
So if I understand this correctly:
You would install active directory on FS2 and so FS2 would authenticate users in the domain. You would need to only setup one domain and simply add App1 do that domain.
You would install active directory on FS2 and so FS2 would authenticate users in the domain. You would need to only setup one domain and simply add App1 do that domain.
i think you misunderstood, but i could be wrong, b/c im confused somewhat myself..... mostym says that he promoted App1 to a DC,,, was there a domain at all before that,,, or is App1 the only DC?
Yes, I think the confusion is over if a domain is being created and on what machine is intended to be used to setup the domain.
"none of the client computers are joined to App1 they are just joined to a workgroup"
So this tells me there currently is no domain and that he will be creating a domain. I was assuming that FS2 had been designated to setup the domain on. But evaluating this more, it would make sense to setup the domain on App1 since its already a DC unless you need FS2 to be a DC for some other reason. That is considering that App1 doesn't run SQL or has some other characteristic that would make it not favorable to be the "main" DC so to speak.
If I'm going the wrong way with this, I apologize.
"none of the client computers are joined to App1 they are just joined to a workgroup"
So this tells me there currently is no domain and that he will be creating a domain. I was assuming that FS2 had been designated to setup the domain on. But evaluating this more, it would make sense to setup the domain on App1 since its already a DC unless you need FS2 to be a DC for some other reason. That is considering that App1 doesn't run SQL or has some other characteristic that would make it not favorable to be the "main" DC so to speak.
If I'm going the wrong way with this, I apologize.
I appologize for the confusion.
First let me make this very clear, app1 is a DC, however no client pcs are joined to this DC. It is used for the sales team(remote) and accounting staff(local) to remote desktop to access an accounting software as well as a lead management tool. The reason this is a DC is because terminal services can only be run when the server is a DC.
FS1 is NOT a DC, it is our current file server, it stores network shares, and is currently running DHCP.
When we replace FS1 with FS2 we want FS2 to be a DC so the client computers, can be joined to this DC, and so this can still be our DHCP server.
I hope this clears things up :)
Thanks
First let me make this very clear, app1 is a DC, however no client pcs are joined to this DC. It is used for the sales team(remote) and accounting staff(local) to remote desktop to access an accounting software as well as a lead management tool. The reason this is a DC is because terminal services can only be run when the server is a DC.
FS1 is NOT a DC, it is our current file server, it stores network shares, and is currently running DHCP.
When we replace FS1 with FS2 we want FS2 to be a DC so the client computers, can be joined to this DC, and so this can still be our DHCP server.
I hope this clears things up :)
Thanks
ok,, so do you want FS2 to be in its own domain,, or the same domain as app1, or in a child domain in the parent domain as app1. each setup is different, you just have to decide what you want.
I would like to be able to have 1 login/password for each user, when they login to FS2 or app1.
thanks :)
thanks :)
then just have one flat domain. you can join as many domain controllers as you would like to that domain. just run DCpromo on a server that is a member of the domain.
Yep, one domain is all you need...no need for a trust. Follow the instructions I previously gave you for copying local profiles. The profiles will still be local, but the users will get the profile/desktop settings back. If you want to do roaming profiles then that's another topic, but I assume you want to keep the profiles local.
Featured Post
Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar.
Int…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses
Course of the Month5 days, 10 hours left to enroll
705 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.