[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now


How to join a local file server to a remote domain controller

Posted on 2011-09-20
Medium Priority
Last Modified: 2012-05-12
I have a windows 2008 r2 domain controller set up at a datacenter (mainly running exchange).

I would like to have a file server at my local location.

I installed 2008 R2 enterprise edition on it.

What is the best way for to me set it up to be part of the domain, so that the same username and passwor5d they use for exchange they can use to access the file server.

Also, as of now the computer are not set up to be part of the domain itself, where should I point the computer to?
Question by:stumped423
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
LVL 24

Accepted Solution

Sandeshdubey earned 2000 total points
ID: 36571661
As you have mentioned that alredy domain controller and exchange is installed in the environment.
You need to add the file server in the domain assuming that you have one more server which will be used as file server.

Once the Server is added to domain you can create folders and share the same as per requirement and add permission to it based on business requirement.

The same user id and password will be used by client user to login to domain PC,acess file share and exchange once the workgroup PC are added to domain.


Author Comment

ID: 36571672
My problem with adding it to domain, is that usaully I have to set the DNS address of the workstation to be pointed to the server in order to have it joing. But how do I do that when the server is not local?

LVL 24

Expert Comment

ID: 36571821
If you want to add the workstation PC to domain you need to point to DNS server and add the PC to domain.

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.


Author Comment

ID: 36571830
How would I add this server to the domain if the domain server is at a remote location. What dns server would I use in this case.

The local place only has a regular router/internet connection.
LVL 24

Expert Comment

ID: 36571900
If the domain server is reachable and pingable by ip address you can add the server to domain.The DNS server will the the local ip address of the DC.

However I would recommend if the no of user in remote location is more then 30 then make the file server as ADC as well .For redendancy you need to have atleast two DC in the network.

Also make sure that if you are making the file server as ADC below firewall port should be open.

Port Assignments for Active Directory Replication
Service Name      UDP        TCP
LDAP                    389        389
LDAP                                  636
GC                                     3268
Kerboros                88         88
DNS                        53          53
smb over IP            445       445


Author Comment

ID: 36571920
There are only 10 user at the location.

I am able to ping the public IP of the DC and remote dekstop into it, but even though I set the public IP and the DNS server, I can not ping the server by name.

Do any special ports need to be open on the firewall of the DC to allow that to work?


Author Comment

ID: 36571923
Actaul, sorry I am able to ping the DC server when I use the full name ie: servername.domain.local but when I try to join the domain name, it says it cant be found. Do I need to enter it in a special way?
LVL 24

Expert Comment

ID: 36571979
Are you able to ping the DC with private ip address not public.If you are able to ping the server with private ip you need to enter the the private ip address as DNS on client PC and then try to join to domain.

Author Comment

ID: 36572028
The public IP is dedicated directly to the DC.

Expert Comment

ID: 36573731
It sounds like you're moving towards opening up AD (and DNS) to the public Internet.  This is a Bad Thing (TM).

First enable a VPN between the sites.  I'd recommend doing this with router hardware, not client (server-to-server) connections.  They're less stable, and you want a reliable PRIVATE connection between your sites.

Then you can set the DNS resolver on your remote server to the IP of the DC.  Make sure that is the ONLY resolver configured when you join the domain.

I agree with Sandeshdubey that you'll be best served by promoting your remote FS to a DC once you've joined the domain.

After you do this, reconfigure the first resolver on the remote DC/FS to  Leave the main site DC as the second resolver.

Don't forget to add your remote subnet definitions to AD.


Hope that helps!
LVL 24

Expert Comment

ID: 36577852
You need to asign private IP adress to DC not public.After assigning the private IP address,
check the DNS setting on the Server it should point to itself.If the public ip address is added in the NIC DNS setting remove the same and add to DNS forwarders if required.If is entered as dns remove the same and add ip address.

Check NIC binding the Nic which is online and has ip details should be in first order.If multiple NIC are present then disabled the unrequired NIC.

Once done reboot the server.

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question