?
Solved

Joining a Web Server to a Domain

Posted on 2007-03-20
8
Medium Priority
?
399 Views
Last Modified: 2010-04-20
Current Situation:
Two Machines:
        Server #1 - Exchange Server | current Domain Controller for small company (about 10-15 users)
        Server #2 - Web Server with Virtual Machine software installed so that Development Web Server is on the same box | also houses database used by website | was the old Domain Controller for company, and although it is not acting as such, it still has AD installed and thinks of itself as a Domain Controller.

I am wanting to add Server #2 to the Domain of Server #1.  I am thinking that I need to uninstall/disable AD from Server #2 and then add it to Server #1 as you would any computer.  This seems to me, too simple of a project though to be correct…..or is it?  Is there any special configurations I need to do when adding a web server to a domain?

Side Note:  I didn’t set this up, just the situation I was hired into a few weeks ago.  Currently working on getting a 3rd machine to separate the production web server and the development web server; but right now it is working.  
0
Comment
Question by:P1ST0LPETE
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 71

Assisted Solution

by:Chris Dent
Chris Dent earned 1440 total points
ID: 18756735

I strongly recommend you don't do it.

MS do not support an Exchange Server changing it's Domain Role after installation (by either making it a Domain Controller, or demoting it to a Member Server if it already is a DC).

This is covered by this KB Article:

http://support.microsoft.com/kb/822179

Chris
0
 
LVL 10

Author Comment

by:P1ST0LPETE
ID: 18756793
No, I'm keeping the Exchange Server as the Domain Controller.  I want to add the web server to the Exchange Server's Domain.
0
 
LVL 71

Assisted Solution

by:Chris Dent
Chris Dent earned 1440 total points
ID: 18756886

Oh I'm sorry, misunderstood (clearly).

Last time I switched the domain for an IIS server it decided it would be fun to play with the IUSR accounts (despite them all being local user accounts).

If it's a small environment that's generally not much of a problem at all and can be very quickly corrected.

But that was the only problem I ran into. If IIS is running on a DC then it gets a little more tricky, it configures the IUSR account as a Domain Account, which after DCPromo would cease to exist.

Chris
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
LVL 10

Author Comment

by:P1ST0LPETE
ID: 18757028
Yes, IIS is running on a DC, but it's a DC that is inactive.  All workstations in office are connected to the Exchange DC.  So basically have two domains in the office right now, and I only want one.  Since all workstations are connected to the Exchange Server DC, I figured I could make the Web Server no longer a DC, and join it too they Exchange DC.
Not really sure the process on all this though, and I don't want make the website inaccessible.
I've never joined a server to a domain before, only workstations.  Wasn't thinking it was too much different.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 1440 total points
ID: 18757052

The process is identical. The only extra step you have is the DCPromo to make it a Member Server again (from it's current situation).

I don't think there's much of an easy way around a little downtime to fix any issues with IIS. However, the amount of work really is quite minimal for a website or two, it's only when you scale that up to several hundred that things start to get a bit rushed.

Chris
0
 
LVL 10

Author Comment

by:P1ST0LPETE
ID: 18757084
What exactly is the DCPromo?
0
 
LVL 71

Assisted Solution

by:Chris Dent
Chris Dent earned 1440 total points
ID: 18757293

That's the program you will use to stop it being a Domain Controller:

"although it is not acting as such, it still has AD installed and thinks of itself as a Domain Controller."

It will remove that and turn it into a Stand Alone server (no domain membership). Then you can join it to the new Domain and you're done.

Chris
0
 
LVL 3

Assisted Solution

by:hbbw063
hbbw063 earned 60 total points
ID: 18758965
Pistolpete,

As said Chris-Dent:

1- Demote Server 2 from domain controller to standalone server, for this use DCPROMO which will uninstall active directory on it.
2- If you are using static IP on server2, make sure name resolution works between him and server 1 domain, I recommend you set it as DNS client of Server1 supposing it is a DNS server.
3- Add server2 to Server 1 domain.

That's it.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question