• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 254
  • Last Modified:

Why can't I join my Server 2003 to an existing domain?

I am unable to join my Server 2003 to an existing domain. Any ideas? Existing domain controller is Server 2000. In AD it lists my Server 2003 under "computers." What does that mean?
0
BobGipson
Asked:
BobGipson
  • 8
  • 7
1 Solution
 
Jay_Jay70Commented:
Hi BobGipson,

what are you trying to acheive - by the sounds of it your server IS a member of the domain

are you trying to add as a new Domain Controller?
0
 
BobGipsonAuthor Commented:
Jay_Jay70,

I'm trying to work my way into understanding the relationship of these two servers step by step. Feel like I am walking up a mountain on my hands.

In AD on domain controller there are no other listings under "computers" other than the Server 2003. Can it be that no other computers in our shop are members of the domain?

0
 
Jay_Jay70Commented:
correct my friend,

if the machines havent been joined to the domain manually then they arent a part of it, or they have been moved to a different OU within AD, open up AD, choose search, select computers and leave the criteria blank, this will list any machines and where they are :)

As for the server, If the Machine is NOT a domain controller then it will be listed under computers or moved somewhere else, only DC's are under the DC's container, servers are just computers with a Network OS, that have been joined in

Make sense ??
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
BobGipsonAuthor Commented:
Jay_Jay70,

In response to another question about promoting the 2003 Server to domain controller, RobWill replied:

"As for group policy, simply joining the server to the existing to domain should allow it to receive and apply policies created on your existing domain controller. Making it a domain controller would allow you to create the policies on that DC as well, and they would be in turn replicated with the other domain controller and applied to the appropriate computers and servers within the domain."

If my 2k3 is a member of the domain should I then be able to access group policy on it someway --- inherited from the 2k domain controller?

Thanks.
0
 
BobGipsonAuthor Commented:
Jay_Jay70,

I just tried your search suggestion on the domain controller. I searched for all computers in the entire directory and only the 2k dc and the 2k3 server showed up. Me thinks I don't have much of a network here. Some 25 or so other computers access files and data on these two servers. How are they actually related to the servers?

Thanks.
0
 
BobGipsonAuthor Commented:
You are being so helpful on this, I just bumpted the points.
0
 
Jay_Jay70Commented:
AH Bob, I didnt realise this was related - no worries,

what Rob means, is that policies held on your Domain Controller will be applied to this server, exactly the same as it would a computer.

When you run the dcpromo wizard, it creates another database of users and computer and policies.

when you run dcpromo, you have to add it as an additional Dc in an already existing Domain, otherwise you can use the adminpak to simply view and modify the AD database stored on your current DC
0
 
Jay_Jay70Commented:
by the sounds of it the computers havent been actually joined to the domain

at the moment they are just accessing shares

if you go to a client, right click on my computer, network ID Tab, and see if it is a member of a domain or not
0
 
BobGipsonAuthor Commented:
Jay_Jay70,

Wow, I think that explains a lot! I've been trying to set local policies on the 2k3 server to restrict remote desktop users and they weren't working.  Is that because I don't have group policy on the 2k3 or because it is inheriting its rights from the domain controller and passing them along to the remote desktop users?

Thanks.
0
 
Jay_Jay70Commented:
sorry Bob i had to pop out for a bit :)

Local Polcies apply only to the local machine :) Group Policy on Active Directory will pass the settings down to the client machines, but the clients have to be members of the domain

I am more than happy to write up som steps for you on how to implement Group Policy and how to add users to a domain and all that kind of fun if you would like, step one though is joining the machines into the domain itself,

at the moment the only policy you have set by the sounds of it is the local policy on a machine
0
 
BobGipsonAuthor Commented:
Jay,

A list of steps would be great! Any help would be appreciated.

Points cannot be the motivation for the help you give folks like me. What drives you and the other experts?

I'm awarding the points now. I do hope you will respond with the list of steps.

Thanks for all your help.
0
 
Jay_Jay70Commented:
Hey Bob,

true points mean nothing, I got helped out once by Robwill and ever since then i have done the same, it is also the best way to builld knowledge and forces you to learn :)

i will write these steps up for you today, will include some Group Policy Links and Basic tools you can use in the future :)
0
 
Jay_Jay70Commented:
Ok Here we go,

This link will provide you step by step Instructions on installing Active Directory on your Domain Controller which you have already done, buts its a good reference for next time

It also explains how to manage the Active Directory Users and Groups Snap in to manage all your users

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/stepbystep/admng.mspx

The Bottom of that link shows you how to join the domain at the client level



This next link is courtesy of MKBean, it explains how to create and manage group policies to completely lock down and customise your users

http://www.adminprep.com/articles/default.asp?action=show&articleid=55

http://www.adminprep.com/articles/default.asp?action=show&articleid=82

Thats basically all you need to get started, any other little things that you find on the way will be easily ironed out, and i am more than happy to help


As far as shares and access goes now, once all your machines are joined in to the domain, your security is 110% stronger and easier to manages, instead of having to add individual users to shares, you can add groups from AD etc

I promise this will make life much more fun :)



Another Couple of fun tools for when you get a bit more familiar with AD

1) Folder Redirection / Roaming Profiles
http://www.windowsnetworking.com/articles_tutorials/Profile-Folder-Redirection-Windows-Server-2003.html

2) SOftware Deployment
http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Deploy-Applications.html



If you get stuck feel free to post and ill help you

Cheers and Good Luck

James
0
 
BobGipsonAuthor Commented:
James,

Thanks a million. You've given me enough homework to keep me busy for a long while.

Bob
0
 
Jay_Jay70Commented:
Ha well make sure you enjoy it, maybe its strange but new technologies and new networks can be great fun
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 8
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now