Solved

What happens to user names and permissions when you promote a server

Posted on 2006-06-19
8
275 Views
Last Modified: 2010-04-18
I have a domain controller setup with 'businessname.corp' as the domain.  Now I'm needing to setup a backup domain controller. The server however that will need to be a backup domain controller already has user names and complex file permissions. It's also functioning as a web server as well.  What is going to happen if I promote this standard Windows 2003 server to a backup domain controller?   Will the user names and file permissions stay intact or am i going to be starting from scratch?

Thanks in advance.
0
Comment
Question by:bizcrown101
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16937916
Hi bizcrown101,

Generally, you don't want a web server to be a domain controller.  If you need a secondary DC, this would not be the server to do it on.

Jeff
TechSoEasy
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 16937918
>> Now I'm needing to setup a backup domain controller

Is this server allready in the domain?

>> It's also functioning as a web server as well.

IUSR and IWAM accounts will stay intact after promotion to domain controller

However all LOCAL user accounts - will cease to exist when this server is promoted to a domain controller
0
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 250 total points
ID: 16937926
Jeff raises a valid point if this is a public facing web server I would re-consider running dcpromo on it :)
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:bizcrown101
ID: 16938010
Thanks a lot for the answers.

I suppose my other choice is to promote our Windows 2003 server that is running our SQL Server database.  

Unfortunately those are the only choices I have; web server or SQL 2000 server.  I was leaning toward the web server because it's not hit very hard and has far less user permissions to setup.  I suppose the final option is to not have a backup domain controller but that really worries me as we will have all 75 clients dependent on just this one server.  

Yes, I know the correct answer is to get another server.  Unfortunately we will not be able to have one for a few more months.   This feels like a pretty tight spot for a lot of reasons.

But in general would you guys recommend SQL Server box becoming a BDC over the web server?   The SQL Server box is more secure but it's also got data on it that needs far more security. In other words there will be many users that NO MATTER WHAT cannot be allowed access to the SQL Server data.  All authentication on the SQL Server is through SQL Server, I do not use NT authentication.  Jeez, sucks to work on a shoestring and tight timeframes to boot!
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 16938051
You don't need to buy a physical server for this.  If your Web server is not hit very hard, then you should consider installing Virtual Server 2005 R2 which is FREE and then installing Windows Server 2003 on top of that (for which you would need a license).

At least this would save you the hardware costs, and it would keep your DC secure.

Jeff
TechSoEasy
0
 

Author Comment

by:bizcrown101
ID: 16938145
Well I've managed to dig up a machine we can put Windows 2000 on to use as BDC. We are running the Windows 2003 server in mixed mode so it sure.

I appreciate all your suggestions. They have been excellent. I hadn't thought of the virtual server deal... I think that will be helpful in many circumstances.

Thanks a bunch!
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16938380
Hey that works!  Of course if you have Win2000 you could run that virtually as well if you didn't want to deal with another machine to manage.

(Can you tell that I love Virtual Server!?)

Jeff
TechSoEasy
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 16944411
ThanQ

Yep Virtual server is a good product - I keep a raft of virtual machines for testing on my work VM server :)

0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question