• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 517
  • Last Modified:

Installing linksys router in front of domain controller?

We have a windows domain controller server, which is currently acting as our gateway and firewall. We want to install a linksys router and convert the domain controller server to a simple file server.

Reason being is this is a small home office setup (3 of us), and the IT person that set it up for them origonally sold them on the idea of a bigger and more complex setup than what was needed, and now we are trapped having to pay him to configure anything for us because the setup is far to complicated for me or anyone to manage.

I want to convert the setup to a simpler setup with each of our computers connecting to the router and then a network share on the server to access our files.

It seems simple in theory, my question is do we have to disable any services or software on the server? Maybe restore the server to factory defaults and configure it again?

As of right now, it controls everything, so I assume that I would need to disable DNS and DHCP?

Thanks for your help!

What needs to be done here? Do I need to disable
0
jdeschner
Asked:
jdeschner
  • 5
  • 3
1 Solution
 
tigermattCommented:

You would need to demote the server by running the dcpromo wizard at the server console, and choosing the option to Demote it and uninstall Active Directory from the server. If you want the router to handle DNS and DHCP, you would need to uninstall these roles server-side by using the 'Manage your Server' wizard.

Don't forget that if you demote it from Domain Controller, all the workstations have to be moved back into a non-managed workgroup, and this means you would no longer have any password synchronization between stations. You would have to keep user accounts and their passwords the same on the server and all the workstations, otherwise you can just imagine the Administrative nightmare you will end up in.

Personally, I would look to learn how to use Active Directory to its full potential, and then leave the server as a Domain Controller and utilise its immense number of features in the future. It really is a timesaver in any environment with more than 1 PC (and, sometimes a server can be justified in single PC environments).

-tigermatt
0
 
jdeschnerAuthor Commented:
Thanks for the info. I had an idea of the steps, but I wasn't exactly sure what they would be.

As for learning active directory, Is it possible to keep the server as a domain controller, but still utilize a router to access the internet?

What brought this on is our server was down a few days ago when we came in, and we had no internet access what-so-ever until the IT guy got here. As our business is 100% internet based, this is not good... we can handle not having our files for a few hours, but not being able to respond to email or man our live chat system costs us allot of money.

Assuming I move forward with my origonal plan, I assume I would get everyone moved back to a workgroup and thier user accounts tranfered before going ahead with this?

Thanks again!

-Jared
0
 
tigermattCommented:

Hey Jared,

> As for learning active directory, Is it possible to keep the server as a domain controller, but still utilize a router to access the internet?

It certainly is, and that would be my preferred configuration. I would never use a Domain Controller as a gateway, simply because it is an unnecessary security risk and performance detriment on the server. I suspect the IT guy would have installed Server 2003's Routing and Remote Access feature in order to configure the server as a router, and it is very easy to change the setup back.

The procedure would be:

1. Disable the Routing and Remote Access service from 'Services' in Administrative Tools.
2. Disconnect the cable going to your router/modem from the server's NIC card, leaving the other cable to your internal network switch in tact.
3. Install the Linksys device and plug it directly into the main network switch - NOT the server's NIC.
4. Disable the Network Card you unplugged the cable from on the server (in Control Panel > Network Connections), or even better, remove it from the server. I'd suggest before doing either, you modify the network card's properties to set its IP configuration back to 'Obtain IP and DNS automatically', since this will prevent any future conflicts.
5. Change the server's remaining NIC so the Default Gateway is set as the IP of the linksys router. Update the server's DHCP pool settings and any statically IP assigned devices to reference the linksys -not the server- as the router/gateway.

If you did want to still demote it from a DC after doing this, I'd suggest you think again. It really is quite simple to pick up and learn Active Directory in no time, and once you realise the power it gives you, I can't tell you how much you would miss it if you uninstalled it. Plus, file sharing across a workgroup is a lot more difficult than on a domain.

By the way, this server isn't running the Small Business Server Operating System, is it? (If it is, you'll see on the server logon screen "Windows Server for Small Business Server" in the graphic. Let me know if it is - that is VERY important.

-Matt
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
jdeschnerAuthor Commented:
Yes, it is running Windows Server 2003 for Small Business Server.
0
 
Darr247Commented:
Which Linksys router were you considering, btw?  RVS4000?
Or did you want to add wireless access, too?
0
 
jdeschnerAuthor Commented:
Nothing fancy, we have a BEFSR81 (8 port Etherfast Cable/DSL Router) sitting here ready to go. Wireless is not required.
0
 
tigermattCommented:

Since the server is running Small Business Server, unfortunately you CANNOT demote it from its Domain Controller role. If you do this, you will break the server since it breaches the SBS licensing restrictions; this means you must keep the server as a Domain Controller, so don't follow my above instructions on how to demote it. If you were to demote it, the server would restart on regular intervals (roughly every hour) in protest of it breaking the licensing agreement.

However, you can change the router out and stop the server acting as a gateway. It is quite simple, and in SBS it is much simpler. Change over the network cables as I mentioned, disable the NICs, then, on the server, open the Server Management console, go to the Internet & Email section and click 'Connect to the Internet'. Follow the wizard and enter all the information when prompted. See http://sbsurl.com/ceicw for a detailed guide to the wizard.

-tigermatt

0
 
jdeschnerAuthor Commented:
Everything worked out great. We got it re-configured to work with the router, and we are maintaining the Domain Controller setup. Thanks for your help!
0
 
jdeschnerAuthor Commented:
Thanks for your help!
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now