Link to home
Create AccountLog in
Avatar of Robert Berke
Robert BerkeFlag for United States of America

asked on

Join a domain from a remote location

This is a weird question and it is not critical that I solve it, but I want to try.

My company's small business server is backed up nighty, I call that the Production Server.

I have another identical server in my attic at home where I run disaster recovery tests on a Dell Desktop.  I call them the Attic Server and the Attic Desktop.

Everytime I restore the Production Server onto the Attic Server, my Attic Desktop has to rejoin the domain which is time consuming and annoying.

The only way I know of preventing this is by lugging the Attic Desktop to the office and join it to the domain on the Production Server.  I don't think it is possible to join the production domain from a remote location.


Does anybody know a better way?   (No, not VPN, that gets me connected but is NOT a good disaster test option.)

If there is no way of avoiding the rejoin entirely, is there some way to make the rejoing go faster?  Right now I am using ConnectComputer which requires I reboot the desktop.

Avatar of naomelixes
naomelixes
Flag of Portugal image

What SBS is it?
I know I've joined a computer to a SBS 2003 domain remotely in the past. I remember I couldn't join it via the http://server/connectcomputer, but it could be done some other way. If it's 2003 let me know, I'll try and find the walk-through.
Avatar of Robert Berke

ASKER

Yes, I am using SBS 2003
ASKER CERTIFIED SOLUTION
Avatar of naomelixes
naomelixes
Flag of Portugal image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
looks good.  I will give it a try when I get home.
Cool. Do post back.
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
cliff, my VPN restriction was poorly written. It should have said "Using VPN to connect to the restored ATTIC server is not a good disaster test".

Using VPN one time to connect to the OFFICE Production Server is O.K.  

I ran naomelixes' routine and it worked even better than I hoped.   I am 99% the next disaster test will NOT require a ConnectComputer run, nor will it require a VPN to either the production server or the attic server.

I am so confident that I am going to award points now, but next week I will post back the result of next disaster test.

For anybody that is interested, here are some more details.

Bob

HISTORY BEFORE I POSTED MY EE QUESTION.

1. 3/26/2011 CpuProd backed up to disk. (CpuProd does not know about DesktopInTheAttic.)

2. 3/27/2011 CpuProd restored from disk to CpuAttic. All past history of CpuAttic is gone, it now looks like the 3/26 CpuProd.)

3. Ran connectComputer on DesktopInTheAttic so cpuattic now knows about DesktopInTheAttic.

4. On 3/28 I repeated steps 2. 3/27/2011 CpuProd restored from disk to CpuAttic. All past history of CpuAttic is gone, it now looks like the 3/26 CpuProd. and no longer knows anything about DesktopInTheAttic. I therefore had to rerun connectComputer. AtticServer now knows about DesktopInTheAttic.


HISTORY AFTER MY EE QUESTION.

5 4/2 I demoted DesktopInTheAttic from CpuAtticServer.  I then removed it from the attic network and connected it directly to time warner internet.  

6. ran procedure to connect to the domain remotely.

7. reconnected DesktopInTheAttic to attic server.  I did NOT have to rejoin the domain.

FUTURE PLAN.

8. Backup production server and restore to the attic.  I believe my desktop will not have to be rejoined.

And just in case that wonderful link ever goes down, here are the steps.  

1.      Login as administrator on the workstation and create a VPN-connection to the SBS-server. Make sure you enable this connection for ‘All users’. After the setup has finished, go to the Properties of this connection and check the ‘include Windows login domain’ in the tab Options.
2.      Connect to the SBS-server with that VPN-connection using the administrator’s credentials.
3.      Right click My Computer, Properties, Network Identification.
4.      Enable ‘Domain’ and fill in the name of the SBS-domain (on XP you might need to add the .local suffix, so company.local).
5.      Fill in the login name and password of an account that is allowed to join a workstation to the domain.
6.      After a while you will get the ‘Welcome to domain’ message and the remark that you will have to reboot the workstation. Make sure you don’t reboot yet!
7.      OK out of the Network Identification and don’t reboot before you have added the domain user to the local Administrators Group of the workstation.
8.      Go to Control Panel, Users and Groups, and click Add.
9.      Fill in the name of the user and the domain name or use Browse and make sure you choose the SBS-domain from the drop down box, than select the domain user.
10.      Make sure that the added user is given the ‘Administrator’ right on the workstation.
11.      OK out of it and reboot.
12.      After reboot, fill in the name of the domain user, password and make sure the SBS-domain is selected in the domain field. Check the ‘use dialup connection’-box.
13.      After OK, choose the VPN-connection to connect to the SBS. When authorized into the SBS-domain, the login script will run.
14.      After the login script has finished and if you have Premium, you will see the ‘Install Firewall Client’-icon on the desktop. Double-click it and let it install.
15.      The login script will also have added the ‘Remote E-mail access’ and ‘Remote Server Access’. It will have set the homepage in the IE-settings to the Companyweb.
16.      You can modify these favorites to make them available for the remote user. In Documents and Settings\Favorites right click the link and choose Properties. Modify the link to ‘http://servername/exchange’ to the proper link needed for accessing OWA from the internet. Example: https://FQDN/exchange or https://IP/exchange and https://FQDN/remote or https://IP/remote.
17.      If Premium, go to the LAN-settings of IE and uncheck the ‘use proxy’. Disable the Firewall client by right clicking the Firewall Client icon in the system tray (as the Firewall client will prevent the user to access the Internet when not connected to the SBS).
18.      Disconnect the VPN-connection and reboot as the domain user without dialing up to the SBS-domain. Check all links and check the default Internet access. Check the vpn-connection.