Solved

Moving a webserver into a domain

Posted on 2011-02-12
6
204 Views
Last Modified: 2012-05-11
I might need to move my windows 2003 webserver into our domain.

Scares me to death to even try it.

I am looking for some kind of guide of how to do this without breaking it. Obviously mostly concerned about permissioning issues.

Any help?
0
Comment
Question by:akessel
  • 3
  • 2
6 Comments
 
LVL 5

Expert Comment

by:alreadyinuse
ID: 34880530
Is it a hardware or virtual server?
0
 

Author Comment

by:akessel
ID: 34881291
Hardware, 2003 server.
If one could preserve the local users I suppose all working be good.
0
 
LVL 5

Accepted Solution

by:
alreadyinuse earned 250 total points
ID: 34881350
Yeah we have done this without issue, the local users will be preserved and i think as long as you do not change the computers name other than join the domain it should be ok. At least that has been my experience. Unless possibly you are running web services or apps outside of IIS. Such as apache or websphere apps serving pages?

One thought is if critical is to P2V the server to virual first, then you can snapshot the instance and if you do have trouble you can revert back to the snapshot.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 

Author Comment

by:akessel
ID: 34883201
I'm not familiar with P2V or converting a 2003 box to virtual. Can you get me going in right direction?
0
 
LVL 8

Assisted Solution

by:Toxacon
Toxacon earned 250 total points
ID: 34883250
There are some issues to consider when joining to a domain. The domain will command its members with Group Policies so if you join the computer to a domain, you will allow that. If there are complicated settings such as Restricted Group that are enforced, they could ruin your webserver.

What you need to do before joining is:

- Create separate OU for the web server
- Block policy inheritance to that OU
- Join the computer to domain and BEFORE reboot move the computer object/account to the OU that has policy inheritance blocked.

This setup will cause least problems, if any. Usually there will not be any problems, but without knowing the target AD, it's impossible to say.
0
 

Author Comment

by:akessel
ID: 34883339
My main concern is that the local users will be preserved, but your suggestion, certainly can't hurt.

I have a number of asp and asp.net apps that run off that webserver that require pretty much open access to a few directories (some .mdb files for instance) - ie.. those directories allow "Everyone" Read/Write Access.

So those could break.

On the plus side things that use Administrator to authenticate (for instance SqlServer potentially) will just work once this goes into the domain since it will be the domain Administrator and not the local Administrator.

I kind of know enough to be dangerous, so I like to check with the folks who know more than me.

Thanks,
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question