Solved

Windows 2003 Server - Domain Controller and Terminal Server - Loopback Processing - Bad Idea?

Posted on 2008-10-31
3
1,056 Views
Last Modified: 2012-08-13
I have a Windows 2003 server with Terminal Services installed.  It is also a Domain controller.
There is another DC (part of this domain) in another location (users do not access).  This second server is really just for AD backup.  

First question - off the bat - is it a bad idea to have a DC that is also a TS - and why?
Will I experience any issues because it is a TS and a DC?

Second - I am thinking of applying Loopback processing to the Server.  
Because the server is part of the Domain Controllers OU - and therefore part of the Default Domain Controllers Policy - do I turn on GP Loopback Processing - in the Defaualt Domain Controllers Policy?
Or do I create a second policy and apply it to the Domain Controllers OU?
Or do I move the server out of the Domain Controllers OU to a new OU and then apply the policy that has the Loopback Processing enabled?  (I'm thinking no on this last one - as I do not want to lose any of the Default Domain Controllers Policy settings).
0
Comment
Question by:kstet
  • 2
3 Comments
 
LVL 24

Accepted Solution

by:
andrew_aj1 earned 500 total points
ID: 22852282
It is not a good idea to install terminal services on a domain controller, but i have seen it done before. The following link provides a bit more information why:
http://technet.microsoft.com/en-us/library/cc758409.aspx
I have never done loopback processing of group policy, but this information should help:
http://support.microsoft.com/kb/231287
i hope this helps. Good luck.
0
 
LVL 24

Expert Comment

by:andrew_aj1
ID: 23286474
kstet, can we get an update please.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

As network administrators; we know how hard it is to track user’s login/logout using security event log (BTW it is harder now in windows 2008 because user name is always “N/A” in the grid), and most of us either get 3rd party tools, or just make our…
Companies that have implemented Microsoft’s Active Directory need to ensure that the Active Directory is configured and operating properly. If there are issues found and not resolved, it eventually leads the components to fail or stop working and fi…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now