[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Concerns about ISA , Radius protocol use, when replacing existing server thats a domain controller?

Posted on 2011-09-28
3
Medium Priority
?
465 Views
Last Modified: 2012-05-12
We currently are still running a Windows 2000 server as our domain controller. We have one central location, with over 60 remote locations. We have all the locations connected using vpn's. We are currently using ISA on the server for Radius for the Vpn users on the network. We need to replace this server with a new domain controller. They are looking at either Windows 2008 R2, or Windows SBS 2011 for a new domain controller. Basically the thought was that we could demote the current domain controller, and leave the ISA set up as is to continue to authenticate the use of the vpn on the company network. They don't want to have to re-enter all the accounts and set it all back up again. Then the old domain controller would just be a member of the domain as a server and still satisfy this task, and the new domain controller will be for the office tasks in general, file and print sharing and so fourth. Is there any reason that this wouldn't work ?? We don't want to demote the old server and add it to the new domain controller only to find out for some reason this will not work this way.  Just to add the plan for the new domain controller is to start fresh with its configuration, no migrating from the previous domain controller. The only thing that would be moved from the old domain controller to the new is the user data, common shared folders. Everything else including user accounts were to be set up as new.
0
Comment
Question by:holcomb_frank
  • 2
3 Comments
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 36718205
Where are the user accounts for the VPN users stored now?  That has me confused.
0
 

Author Comment

by:holcomb_frank
ID: 36718234
right now it's all on the windows 2000 server that acts as the current domain controller. there are so many, the boss doesn't want us to have to re-enter these on a new server, assuming that ISA would work the same on the new server.  so that is why he wants us to demote this windows 2000 domain controller  to a stand alone server, but leave the user accounts as they are and continue to have this box do the authentication....does that help??
0
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 2000 total points
ID: 36718766
Okay, it's been a while since I've worked closely with ISA so bear with me but it's my recollection ISA uses local user accounts for access.  On a Domain Controller, there are no local accounts, only domain accounts.  If that's the case, you'll lose your ISA accounts when you destroy the old domain in favor of the new domain.  I may be wrong (but I don't think so), or I may be mis-understanding (which is possible).
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Suggested Courses

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question