Solved

How to join a local file server to a remote domain controller

Posted on 2011-09-20
11
366 Views
Last Modified: 2012-05-12
I have a windows 2008 r2 domain controller set up at a datacenter (mainly running exchange).

I would like to have a file server at my local location.

I installed 2008 R2 enterprise edition on it.

What is the best way for to me set it up to be part of the domain, so that the same username and passwor5d they use for exchange they can use to access the file server.

Also, as of now the computer are not set up to be part of the domain itself, where should I point the computer to?
0
Comment
Question by:stumped423
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 500 total points
ID: 36571661
As you have mentioned that alredy domain controller and exchange is installed in the environment.
You need to add the file server in the domain assuming that you have one more server which will be used as file server.

Once the Server is added to domain you can create folders and share the same as per requirement and add permission to it based on business requirement.

The same user id and password will be used by client user to login to domain PC,acess file share and exchange once the workgroup PC are added to domain.


0
 

Author Comment

by:stumped423
ID: 36571672
My problem with adding it to domain, is that usaully I have to set the DNS address of the workstation to be pointed to the server in order to have it joing. But how do I do that when the server is not local?

THanks
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 36571821
If you want to add the workstation PC to domain you need to point to DNS server and add the PC to domain.




0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:stumped423
ID: 36571830
How would I add this server to the domain if the domain server is at a remote location. What dns server would I use in this case.

The local place only has a regular router/internet connection.
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 36571900
If the domain server is reachable and pingable by ip address you can add the server to domain.The DNS server will the the local ip address of the DC.

However I would recommend if the no of user in remote location is more then 30 then make the file server as ADC as well .For redendancy you need to have atleast two DC in the network.

Also make sure that if you are making the file server as ADC below firewall port should be open.

Port Assignments for Active Directory Replication
Service Name      UDP        TCP
LDAP                    389        389
LDAP                                  636
GC                                     3268
Kerboros                88         88
DNS                        53          53
smb over IP            445       445

0
 

Author Comment

by:stumped423
ID: 36571920
There are only 10 user at the location.

I am able to ping the public IP of the DC and remote dekstop into it, but even though I set the public IP and the DNS server, I can not ping the server by name.

Do any special ports need to be open on the firewall of the DC to allow that to work?

Thanks
0
 

Author Comment

by:stumped423
ID: 36571923
Actaul, sorry I am able to ping the DC server when I use the full name ie: servername.domain.local but when I try to join the domain name, it says it cant be found. Do I need to enter it in a special way?
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 36571979
Are you able to ping the DC with private ip address not public.If you are able to ping the server with private ip you need to enter the the private ip address as DNS on client PC and then try to join to domain.
0
 

Author Comment

by:stumped423
ID: 36572028
The public IP is dedicated directly to the DC.
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36573731
It sounds like you're moving towards opening up AD (and DNS) to the public Internet.  This is a Bad Thing (TM).

First enable a VPN between the sites.  I'd recommend doing this with router hardware, not client (server-to-server) connections.  They're less stable, and you want a reliable PRIVATE connection between your sites.

Then you can set the DNS resolver on your remote server to the IP of the DC.  Make sure that is the ONLY resolver configured when you join the domain.

I agree with Sandeshdubey that you'll be best served by promoting your remote FS to a DC once you've joined the domain.

After you do this, reconfigure the first resolver on the remote DC/FS to 127.0.0.1.  Leave the main site DC as the second resolver.

Don't forget to add your remote subnet definitions to AD.

DON'T OPEN UP THE FIREWALL PORTS AS DESCRIBED ABOVE TO THE PUBLIC INTERNET.  Such access to a DC is just wrong.  It's not secure.

Hope that helps!
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 36577852
You need to asign private IP adress to DC not public.After assigning the private IP address,
check the DNS setting on the Server it should point to itself.If the public ip address is added in the NIC DNS setting remove the same and add to DNS forwarders if required.If 127.0.0.1 is entered as dns remove the same and add ip address.

Check NIC binding the Nic which is online and has ip details should be in first order.If multiple NIC are present then disabled the unrequired NIC.

Once done reboot the server.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question