How to join a local file server to a remote domain controller

I have a windows 2008 r2 domain controller set up at a datacenter (mainly running exchange).

I would like to have a file server at my local location.

I installed 2008 R2 enterprise edition on it.

What is the best way for to me set it up to be part of the domain, so that the same username and passwor5d they use for exchange they can use to access the file server.

Also, as of now the computer are not set up to be part of the domain itself, where should I point the computer to?
stumped423Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
SandeshdubeyConnect With a Mentor Senior Server EngineerCommented:
As you have mentioned that alredy domain controller and exchange is installed in the environment.
You need to add the file server in the domain assuming that you have one more server which will be used as file server.

Once the Server is added to domain you can create folders and share the same as per requirement and add permission to it based on business requirement.

The same user id and password will be used by client user to login to domain PC,acess file share and exchange once the workgroup PC are added to domain.


0
 
stumped423Author Commented:
My problem with adding it to domain, is that usaully I have to set the DNS address of the workstation to be pointed to the server in order to have it joing. But how do I do that when the server is not local?

THanks
0
 
SandeshdubeySenior Server EngineerCommented:
If you want to add the workstation PC to domain you need to point to DNS server and add the PC to domain.




0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
stumped423Author Commented:
How would I add this server to the domain if the domain server is at a remote location. What dns server would I use in this case.

The local place only has a regular router/internet connection.
0
 
SandeshdubeySenior Server EngineerCommented:
If the domain server is reachable and pingable by ip address you can add the server to domain.The DNS server will the the local ip address of the DC.

However I would recommend if the no of user in remote location is more then 30 then make the file server as ADC as well .For redendancy you need to have atleast two DC in the network.

Also make sure that if you are making the file server as ADC below firewall port should be open.

Port Assignments for Active Directory Replication
Service Name      UDP        TCP
LDAP                    389        389
LDAP                                  636
GC                                     3268
Kerboros                88         88
DNS                        53          53
smb over IP            445       445

0
 
stumped423Author Commented:
There are only 10 user at the location.

I am able to ping the public IP of the DC and remote dekstop into it, but even though I set the public IP and the DNS server, I can not ping the server by name.

Do any special ports need to be open on the firewall of the DC to allow that to work?

Thanks
0
 
stumped423Author Commented:
Actaul, sorry I am able to ping the DC server when I use the full name ie: servername.domain.local but when I try to join the domain name, it says it cant be found. Do I need to enter it in a special way?
0
 
SandeshdubeySenior Server EngineerCommented:
Are you able to ping the DC with private ip address not public.If you are able to ping the server with private ip you need to enter the the private ip address as DNS on client PC and then try to join to domain.
0
 
stumped423Author Commented:
The public IP is dedicated directly to the DC.
0
 
netjgrnautCommented:
It sounds like you're moving towards opening up AD (and DNS) to the public Internet.  This is a Bad Thing (TM).

First enable a VPN between the sites.  I'd recommend doing this with router hardware, not client (server-to-server) connections.  They're less stable, and you want a reliable PRIVATE connection between your sites.

Then you can set the DNS resolver on your remote server to the IP of the DC.  Make sure that is the ONLY resolver configured when you join the domain.

I agree with Sandeshdubey that you'll be best served by promoting your remote FS to a DC once you've joined the domain.

After you do this, reconfigure the first resolver on the remote DC/FS to 127.0.0.1.  Leave the main site DC as the second resolver.

Don't forget to add your remote subnet definitions to AD.

DON'T OPEN UP THE FIREWALL PORTS AS DESCRIBED ABOVE TO THE PUBLIC INTERNET.  Such access to a DC is just wrong.  It's not secure.

Hope that helps!
0
 
SandeshdubeySenior Server EngineerCommented:
You need to asign private IP adress to DC not public.After assigning the private IP address,
check the DNS setting on the Server it should point to itself.If the public ip address is added in the NIC DNS setting remove the same and add to DNS forwarders if required.If 127.0.0.1 is entered as dns remove the same and add ip address.

Check NIC binding the Nic which is online and has ip details should be in first order.If multiple NIC are present then disabled the unrequired NIC.

Once done reboot the server.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.