Quadeeb2003
asked on
difficulty in adding a second domain controller windows 2003 server
Hi Experts,
I have a DC running 2003 enterprise AD
i have 3 other servers, all on the same domain.
One of my servers is in the DMZ and serves as a Secure Gateway for a citrix server.
Some of the reading I have done suggests it is not a good idea to keep the SG server on the same domain as the rest.
How difficult is it to make that SG server a domain controller (probably using the wrong term)
I would like the SG to have abc.com domain instead of the abc.net domain.
If you could give me a step by step on this I would appreciate it. I'm not an expert.
I have a DC running 2003 enterprise AD
i have 3 other servers, all on the same domain.
One of my servers is in the DMZ and serves as a Secure Gateway for a citrix server.
Some of the reading I have done suggests it is not a good idea to keep the SG server on the same domain as the rest.
How difficult is it to make that SG server a domain controller (probably using the wrong term)
I would like the SG to have abc.com domain instead of the abc.net domain.
If you could give me a step by step on this I would appreciate it. I'm not an expert.
ASKER
I have SG server hosting IIS and WI, but it is on the same domain.
A benefit of switching the server to its own domain is I can use an outside CA certificate for my server on that domain. The FQDN of my internal network cannot have a outside CA certificate because the domain is public. ABC.net for example.
If the SG server becomes a DC for a different domain, I make a few trusts from my DC, and I would imagine I would be in business.
It is a new server, there are no apps other than citrix, and reinstalling would be a snap.
A benefit of switching the server to its own domain is I can use an outside CA certificate for my server on that domain. The FQDN of my internal network cannot have a outside CA certificate because the domain is public. ABC.net for example.
If the SG server becomes a DC for a different domain, I make a few trusts from my DC, and I would imagine I would be in business.
It is a new server, there are no apps other than citrix, and reinstalling would be a snap.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
So, any idea how to get it done?
You should be able to setup this server to host an IIS (web) front-end for the Citrix server and have clients connect using the ICA client. This way only a very small hole needs to be open to the real domain.