[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 219
  • Last Modified:

Moving a webserver into a domain

I might need to move my windows 2003 webserver into our domain.

Scares me to death to even try it.

I am looking for some kind of guide of how to do this without breaking it. Obviously mostly concerned about permissioning issues.

Any help?
0
akessel
Asked:
akessel
  • 3
  • 2
2 Solutions
 
alreadyinuseCommented:
Is it a hardware or virtual server?
0
 
akesselAuthor Commented:
Hardware, 2003 server.
If one could preserve the local users I suppose all working be good.
0
 
alreadyinuseCommented:
Yeah we have done this without issue, the local users will be preserved and i think as long as you do not change the computers name other than join the domain it should be ok. At least that has been my experience. Unless possibly you are running web services or apps outside of IIS. Such as apache or websphere apps serving pages?

One thought is if critical is to P2V the server to virual first, then you can snapshot the instance and if you do have trouble you can revert back to the snapshot.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
akesselAuthor Commented:
I'm not familiar with P2V or converting a 2003 box to virtual. Can you get me going in right direction?
0
 
ToxaconCommented:
There are some issues to consider when joining to a domain. The domain will command its members with Group Policies so if you join the computer to a domain, you will allow that. If there are complicated settings such as Restricted Group that are enforced, they could ruin your webserver.

What you need to do before joining is:

- Create separate OU for the web server
- Block policy inheritance to that OU
- Join the computer to domain and BEFORE reboot move the computer object/account to the OU that has policy inheritance blocked.

This setup will cause least problems, if any. Usually there will not be any problems, but without knowing the target AD, it's impossible to say.
0
 
akesselAuthor Commented:
My main concern is that the local users will be preserved, but your suggestion, certainly can't hurt.

I have a number of asp and asp.net apps that run off that webserver that require pretty much open access to a few directories (some .mdb files for instance) - ie.. those directories allow "Everyone" Read/Write Access.

So those could break.

On the plus side things that use Administrator to authenticate (for instance SqlServer potentially) will just work once this goes into the domain since it will be the domain Administrator and not the local Administrator.

I kind of know enough to be dangerous, so I like to check with the folks who know more than me.

Thanks,
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now