REMOVING A DOMAIN CONTROLLER
Posted on 2006-04-08
I have what used to be a very simple network. Basically, we had 7 PCs running a mix of XP Home and XP Professional, and 2 Windows-based servers. One server was an application server and the other was a file server.
We had a pretty vanilla set-up. All PCs, servers and users, were connected via a Linksys gigabit switch and the switch was connected to a Linksys router. The router was configured for DHCP, as usual. The router was then connected to a DSL modem to TELCO.
And then someone in his infinite wisdom decided he was going to install a domain controller (DC) with Active Directory. Why? I have no idea. But now things are a lot more complicated.
Now, instead of everyone simply using a local account where their user-profile/settings are saved locally, we have users authenticating to the domain controller and their user-profile/user-account settings being saved on the controller.
So, to remove the user from the domain, this is what I had to do:
1.) Copy all the My Documents and Desktop files to the local machine, directly under the C: drive.
2.) Log on to the end-user machine as the administrator and change the way the machine logs on by configuring it as though there is no DC. You do this by going to My Comuter and right-clicking on the Properties tab. And then you go to "computer name"...bla bla bla.
3.) I then restarted the end-user machine and when it booted up, I, of course, was disassociated from the domain. It was basically a stand-alone machine. But now the users files and settings were completely lost.
4.) Therefore, being off the domain now, I created a LOCAL user account and simply copied all the Desktop and My Documents files I saved previously, directly under the C: drive, right into the new account's Desktop and My Documents folder. Therefore, even though I am no longer on the domain, and the domain controller was saving all my user data/settings in a user profile for this machine, I now had everything saved locally. So, the user had all their files and settings back but they were now OFF the domain.
NOW, MY PROBLEM:
The machine is now off the domain, but I can no longer map a network drive on the file server, which IS STILL on the domain. I can map to it from a network perspective (in other words, under My Computer, you CAN see a connection to the network drive), but when I double-click on it, I get "Access Denied." I cannot view the file directory on the file server.
It seems to me that the file server is configured such that it must authenticate the user to the domain controller before it allows any user to access its resources.
AM I WRONG?
If I am right, would removing the file server from the domain, as I did to the end-user, stop this fileserver-domain controller interaction, and thereby allow the end-user to map to the fileserver's drive successfully?