?
Solved

Terminal Server cluster server configuration

Posted on 2011-03-07
5
Medium Priority
?
532 Views
Last Modified: 2012-05-11
Hi All,

I have Windows Server 2003 Terminal Server in production that I'd like to exit the NLB cluster and then rejoin again due to some unknown error (forgot to sysprepped after VMware clone)

Is there any caveats by doing so ? eg. deleting the account from domain and then rejoining back again to the domain ?

I'm afraid of breaking the existing user environment (eg. user account document and settings) as well as the unable to registering it back to the domain even after the VM backup restore ?

any idea please share it here.

Thanks.
0
Comment
Question by:jjoz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 11

Assisted Solution

by:Tasmant
Tasmant earned 668 total points
ID: 35057127
you shouldn't lose any user profiles on the server.
you can safely leave the NLB cluster and join back later.
you should delete the old server account in AD (or at least reset it)
take care about computer account group membership, including local groups (by example on the session broker). If you sysprep the computer, the SID will change and it will no more be included in security groups.
0
 
LVL 28

Accepted Solution

by:
bgoering earned 1332 total points
ID: 35057144
So long as you are using domain accounts for your access I would not expect any problems. Rather than just deleting the domain account I would join to a workgroup, sysprep, then rejoin the domain.

One of the primary things sysprep does is generate a new SID for the machine, local account IDs will be affected.

Take a look at http://blogs.technet.com/b/markrussinovich/archive/2009/11/03/3291024.aspx for more info.

Good Luck
0
 
LVL 1

Author Comment

by:jjoz
ID: 35127130
cool, many thanks for the explanation guys, what I'd like to do now is to exit the domain and then rejoin it again.

I hope that the SCP or any other AD attributes that has been written or assigned to the users still working fine after the domain rejoin.
0
 
LVL 28

Assisted Solution

by:bgoering
bgoering earned 1332 total points
ID: 35128027
User AD attributes will not be affected by a computer leaving and/or joining a domain.
0
 
LVL 1

Author Closing Comment

by:jjoz
ID: 35144275
many thanks mate
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question