Solved

Terminal Server cluster server configuration

Posted on 2011-03-07
5
531 Views
Last Modified: 2012-05-11
Hi All,

I have Windows Server 2003 Terminal Server in production that I'd like to exit the NLB cluster and then rejoin again due to some unknown error (forgot to sysprepped after VMware clone)

Is there any caveats by doing so ? eg. deleting the account from domain and then rejoining back again to the domain ?

I'm afraid of breaking the existing user environment (eg. user account document and settings) as well as the unable to registering it back to the domain even after the VM backup restore ?

any idea please share it here.

Thanks.
0
Comment
Question by:jjoz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 11

Assisted Solution

by:Tasmant
Tasmant earned 167 total points
ID: 35057127
you shouldn't lose any user profiles on the server.
you can safely leave the NLB cluster and join back later.
you should delete the old server account in AD (or at least reset it)
take care about computer account group membership, including local groups (by example on the session broker). If you sysprep the computer, the SID will change and it will no more be included in security groups.
0
 
LVL 28

Accepted Solution

by:
bgoering earned 333 total points
ID: 35057144
So long as you are using domain accounts for your access I would not expect any problems. Rather than just deleting the domain account I would join to a workgroup, sysprep, then rejoin the domain.

One of the primary things sysprep does is generate a new SID for the machine, local account IDs will be affected.

Take a look at http://blogs.technet.com/b/markrussinovich/archive/2009/11/03/3291024.aspx for more info.

Good Luck
0
 
LVL 1

Author Comment

by:jjoz
ID: 35127130
cool, many thanks for the explanation guys, what I'd like to do now is to exit the domain and then rejoin it again.

I hope that the SCP or any other AD attributes that has been written or assigned to the users still working fine after the domain rejoin.
0
 
LVL 28

Assisted Solution

by:bgoering
bgoering earned 333 total points
ID: 35128027
User AD attributes will not be affected by a computer leaving and/or joining a domain.
0
 
LVL 1

Author Closing Comment

by:jjoz
ID: 35144275
many thanks mate
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question