Solved

Terminal Server cluster server configuration

Posted on 2011-03-07
5
530 Views
Last Modified: 2012-05-11
Hi All,

I have Windows Server 2003 Terminal Server in production that I'd like to exit the NLB cluster and then rejoin again due to some unknown error (forgot to sysprepped after VMware clone)

Is there any caveats by doing so ? eg. deleting the account from domain and then rejoining back again to the domain ?

I'm afraid of breaking the existing user environment (eg. user account document and settings) as well as the unable to registering it back to the domain even after the VM backup restore ?

any idea please share it here.

Thanks.
0
Comment
Question by:jjoz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 11

Assisted Solution

by:Tasmant
Tasmant earned 167 total points
ID: 35057127
you shouldn't lose any user profiles on the server.
you can safely leave the NLB cluster and join back later.
you should delete the old server account in AD (or at least reset it)
take care about computer account group membership, including local groups (by example on the session broker). If you sysprep the computer, the SID will change and it will no more be included in security groups.
0
 
LVL 28

Accepted Solution

by:
bgoering earned 333 total points
ID: 35057144
So long as you are using domain accounts for your access I would not expect any problems. Rather than just deleting the domain account I would join to a workgroup, sysprep, then rejoin the domain.

One of the primary things sysprep does is generate a new SID for the machine, local account IDs will be affected.

Take a look at http://blogs.technet.com/b/markrussinovich/archive/2009/11/03/3291024.aspx for more info.

Good Luck
0
 
LVL 1

Author Comment

by:jjoz
ID: 35127130
cool, many thanks for the explanation guys, what I'd like to do now is to exit the domain and then rejoin it again.

I hope that the SCP or any other AD attributes that has been written or assigned to the users still working fine after the domain rejoin.
0
 
LVL 28

Assisted Solution

by:bgoering
bgoering earned 333 total points
ID: 35128027
User AD attributes will not be affected by a computer leaving and/or joining a domain.
0
 
LVL 1

Author Closing Comment

by:jjoz
ID: 35144275
many thanks mate
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Teach the user how to use vSphere Update Manager to update the VMware Tools and virtual machine hardware version Open vSphere Client: Review manual processes for updating VMware Tools and virtual hardware versions: Create a new baseline group in vSp…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question