srbush
asked on
Need to setup a Server without following roles: DNS, DHCP, Domain Controller, VPN, RAS, or RDP.
I tried to set this up with just the File Server role, but then I lose all the security of a Server and can't get proper permissions to access files. I have never setup a Server without a Domain Controller somewhere on the network. This is a single server. Is it possible to create a Domain without a Domain Controller? This project has a deadline of July 20th and I am at my wits end trying to figure out a solution on my own.
ASKER
I am configuring a network for a MD's office. Previously, he was just on a peer to peer. He purchased a medical software package that required a Server to be installed with the following requirements. 1. Internal static IP is assigned for the Server 2. Server is Windows Server 2003 Standard Edition (SBS will not be supported) 3. Server is not setup as a DNS or DHCP server 4. Server is not setup as a Domain Controller, VPN server, RAS server, or RDP server 5. Server is directly connected to main Switch or Router in the network 6. Server is not open to the Internet: following ports should be specifically closed MySQL 4928, Tomcat 8080 7. TightVNC is installed on all computers 8. Open "outgoing port range" 6000-9999 for VNC 9. Port 8800 is open for AutoPracticeUpgrade to run; FTP must also be enabled.
The software is eclinicalworks, I have called their techs and left several messages and no one calls me back. Without a Domain controller installed, this network is still just a peer to peer, right? Or does this TightVNC have anything to do with the security.
The software is eclinicalworks, I have called their techs and left several messages and no one calls me back. Without a Domain controller installed, this network is still just a peer to peer, right? Or does this TightVNC have anything to do with the security.
ASKER
Just checked the TightVNC, it is just a free Remote Access program, nothing more.
Yes, with a domain controller it's still just peer to peer.
TightVNC allows a computers desktop to be remotely viewed and controlled from another computer. It's fairly insecure because a desktop can be connected to without the users knowledge, and the connection password is stored in the registry (although it's encrypted, but there are cracker programs for it).
TightVNC allows a computers desktop to be remotely viewed and controlled from another computer. It's fairly insecure because a desktop can be connected to without the users knowledge, and the connection password is stored in the registry (although it's encrypted, but there are cracker programs for it).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for all your suggestions and input. I will be going back to the Dr.'s office this afternoon and will try them. I still am not comfortable with the security issues and will relay that to him. Even if I take the Server off the internet, it will still be vulnerable through the Workstations.
Why don't you just promote your server to a DC? You'll need it to also run DNS, but it won't have to run DHCP, VPN, RAS or RDP.