Solved

Need to setup a Server without following roles: DNS, DHCP, Domain Controller, VPN, RAS, or RDP.

Posted on 2006-07-16
10
540 Views
Last Modified: 2011-09-20
I tried to set this up with just the File Server role, but then I lose all the security of a Server and can't get proper permissions to access files.  I have never setup a Server without a Domain Controller somewhere on the network.  This is a single server.  Is it possible to create a Domain without a Domain Controller?  This project has a deadline of July 20th and I am at my wits end trying to figure out a solution on my own.
0
Comment
Question by:srbush
10 Comments
 
LVL 15

Expert Comment

by:Darwinian999
ID: 17117106
You can't have a domain without a domain controller. By default servers are in a workgroup until they are joined to a domain or promoted to a domain controller. A server in a workgroup is ok for a small organisation with a small number of users, but security is very limited.

Why don't you just promote your server to a DC?  You'll need it to also run DNS, but it won't have to run DHCP, VPN, RAS or RDP.
0
 

Author Comment

by:srbush
ID: 17117177
I am configuring a network for a MD's office.  Previously, he was just on a peer to peer. He purchased a medical software package that required a Server to be installed with the following requirements.  1. Internal static IP is assigned for the Server  2. Server is Windows Server 2003 Standard Edition (SBS will not be supported)  3. Server is not setup as a DNS or DHCP server  4. Server is not setup as a Domain Controller, VPN server, RAS server, or RDP server  5. Server is directly connected to main Switch or Router in the network  6. Server is not open to the Internet: following ports should be specifically closed MySQL  4928, Tomcat  8080  7. TightVNC is installed on all computers  8. Open "outgoing port range"  6000-9999 for VNC  9. Port 8800 is open for AutoPracticeUpgrade to run; FTP must also be enabled.

The software is eclinicalworks, I have called their techs and left several messages and no one calls me back.  Without a Domain controller installed, this network is still just a peer to peer, right?  Or does this TightVNC have anything to do with the security.
0
 

Author Comment

by:srbush
ID: 17117186
Just checked the TightVNC, it is just a free Remote Access program, nothing more.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 15

Expert Comment

by:Darwinian999
ID: 17117187
Yes, with a domain controller it's still just peer to peer.

TightVNC allows a computers desktop to be remotely viewed and controlled from another computer. It's fairly insecure because a desktop can be connected to without the users knowledge, and the connection password is stored in the registry (although it's encrypted, but there are cracker programs for it).
0
 
LVL 15

Accepted Solution

by:
Darwinian999 earned 168 total points
ID: 17117191
Sorry, that should have said "WITHOUT a domain controller it's still just peer to peer."
0
 
LVL 4

Assisted Solution

by:mrenos
mrenos earned 166 total points
ID: 17117262
My opinion is that you can do this :
1. Install the windows 2003 as you do with all windows.
2. After the installation is done, there is nothing yet installed and running from the above list that you mentioned.
3. Don't run the continue setup shortcut on your desktop because this will install all the above that you don't want.

If you have already installed the above services ( DNS etc ) you can go from the control panel -> add remove programs -> windows components and remove them from there.


Babs,
Hope this helps..
0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 166 total points
ID: 17117576
There are only two ways to setup permissions for this:

1)  Create the identical username and password on the server as each client uses to logon.  Add them to a local group then assign permissions to that group as necessary.

2)  Simply enable the Guest account.  This will allow the Everyone group functionality to work properly so each client doesn't have to authenticate.

As long as this is a closed environment, then option 2 should be fine.  

Make sure to change the Guest password to something not easily guessed, write it down then lock it up somewhere.

0
 

Author Comment

by:srbush
ID: 17121186
Thanks for all your suggestions and input.  I will be going back to the Dr.'s office this afternoon and will try them.  I still am not comfortable with the security issues and will relay that to him.  Even if I take the Server off the internet, it will still be vulnerable through the Workstations.  
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question