Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 696
  • Last Modified:

Windows 2003 Server - Active Directory - Multiple Servers

Good morning all.  Have a question about AD and multiple servers.  Currently I've been tasked to build a closed network for demo purposes, that consists of 3 servers and 4 workstations.  2 of the servers will house server side applications that require AD authentication when a user uses any of the workstations to log into the applications via thin clients that are loaded on the workstaions.  My thought was to make the 3rd server (the one thats not being used by any applications) the DC server and create a domain/AD called DEMO.  Where i'm stuck at is how to i configure the other 2 application servers to use the AD permissions from the DEMO domain so that when the users log into the DEMO domain via any workstation and uses the thin clients, those permissions will be xfered to the appliciaton servers.  I just want the AD permissions to be available to the application servers... Thanks much ... looking forward to your responses......
0
D00Dness
Asked:
D00Dness
  • 3
  • 3
  • 2
1 Solution
 
luv2smileCommented:
Just make the application servers member servers. In an AD environment...all servers are either DCs or member servers. DCs of course are your domain controllers which manage your domain. Member servers are really basically just like workstations...they are servers, but they are simply "members" of the domain just as a workstation is a member. You join them in the same way. And just as with a workstation, you have "permissions" available from the domain among other things.
0
 
D00DnessAuthor Commented:
Luv ! Good to see you again :) ...

Ok so I will be making the AD Domain on the 3rd server, and then just 'adding' the 2 applciation servers and 2 workstations to the domain by changing them from workgroup to the domain.... and the AD permissions will be xfered to the applicaion servers when the thin clients are used....?

Just want to make sure I'm clear .......i've had no luck with AD in the past :) ....
0
 
bbaracCommented:
Good day everyone.  I have a question about implementing login scripts on 2003 server in AD environment to map shared drives when the user logs in.  The problem that I am having is, the company that I am working for has a DC at each site, but only our central office has the control of the DC's and they won't give anyone else access because we just migrated recently to AD and they want to make sure that nothing goes wrong at this point in time.  Now I am switching our Novell file server to 2003 server, and I wanted to create login scripts for the shares to be mapped automatically as the users log in, but since I don't have access to the DC I can’t do this using GPO’s or VBScripts.  So since I don't have access to the DC and to get the headquarters to do any of this for me is pretty much impossible, I was wondering if it's possible to create a basic batch file login script, create a share on this new file server that's not a DC/BDC just a basic 2003 files server, and store these scripts in the share.  Then in AD under user properties, profile tab point the profile path to the share that the login scripts are located on \\servername\share, and under the logon script tab put the login script name xxxx.bat.

I created a basic batch file and I placed it in the startup folder of my machine just to make sure that the script is ok and everything was fine, the shares were mapped with no problems, and I even put a basic net send command just to make sure that I see the .bat file execute.  When I did all this under my users properties profile tab in AD and tried to log in nothing happened, but I was getting an popup when login out about "not being able to copy roaming profile"  So is it even possible to store the login scripts on a none DC server?  And then point to them by using the Profile tab under user properties? And if not, any other options that I might have?

I know the easiest thing to do, would be store the scripts on DC and use VBScripts or GPO’s, but like I said that's not an option in this strange case of mine, take way to long to coordinate any of this with head office IT staff.  

Help would be appreciated,

Thanks

0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
bbaracCommented:
Ops, sorry posted my question in a wrong section, first time using this site.
0
 
luv2smileCommented:
D00Dness,

Yep, sounds like you've got it right. Now just to make sure......what exactly are you referring to when you say permissions? Do you mean that the domain users will be able to authenticate on those machines?
0
 
D00DnessAuthor Commented:
bbarac -- not a problem ... it happens..

Luv -- Apparently the 2 application servers use AD as part of their user authentication for their applications......which in trun give them their permissions within the applications.... if that makes sense :) (I keep telling them, im a hardware enginner not a programer :) :) ) .....Tks
0
 
luv2smileCommented:
They should be fine as member servers :)
0
 
D00DnessAuthor Commented:
Luv ---Thanks much .. I'll let you know the outcome.. tks for your expertize :) ..... btw ....any reference material you recommend to read up on AD either web and/or hard copy?  Tks again..

0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now