Any issues with making a remote desktop services server a domain controller

Posted on 2011-10-11
Last Modified: 2012-11-29
In our environment there are two different domains. The two domains trust one another. In domain A there is a remote desktop services server (setup as a member server) that has a database application that users in both domains access and run a program from. The users in domain B that are trying to run this program on the Remote Desktop Services server in domain A are having troubles.

When these users from domain B (XP clients) double click the icon on their desktop to run this program, sometimes it works and sometimes it doesn't. When the program doesn't open up for the user the error message is, "The item program.exe that this shortcut refers to has been changed or moved, so this shortcut will no longer work properly. Do you want to delete this shortcut? I have tried running this program using a UNC path to the executable that runs the program as well as mapping a drive.

When the process isn't working, if I right click on the icon, choose properties and then click Find target the target file is not found.  If i then click Start, Run and type in the UNC path to the share on the Remote Desktop Services server I get the following message, "\\server name\share name is not accessible. You might not have permission to use this network resource. There are currently no logon servers available to service the logon request."

I can always ping the IP address of this server.

If I look at the security on the folder that I am trying to access, domain users from domain A have modify rights to the folder that contains the program that they are trying to run. If I try to add the domain users group from domain B to have the same modify rights to this directory I receive the following message, "The Active Directory Domain Controllers required to find the selected objects in the following domains are not available: domain B. Ensure the Active Directory domain controllers are available and try to select the objects again.

If I run Dcpromo to make this server a domain controller I should then be able to assign permissions to the users from domain B to access this share and run this applicaiton. I know that this is not the ideal situation, but are there any real issues with making this Remote Desktop services server be a domain controller?

Thanks for your input.

Question by:skenny10
    LVL 77

    Expert Comment

    by:David Johnson, CD, MVP
    without having a spare machine to run as a DC you can do it.. you seem to have the security ideas right
    LVL 26

    Accepted Solution

    All of that sounds like an intermittent DNS error on the trusting domain side to me. Can you run DCDIAG on all DCs on the trusting domain and post the results?

    Author Comment

    The Anne, Francis, Holy Cross, John, Lucy, Michael and Turgeon servers are all secondary domain controllers in domain A. The Primary server in this domain is the DNS server that these other servers point to. The District server is a member server in this domain A and it is on this server that the remote desktop application resides.

    The Mary server is in Domain B and it is the users of this server that are having difficulty running the Remote Desktop Services Application that resides in Domain A on the District server.  These users are just pointing to the unc path to run the program that resides on this Remote desktop services server since these users are in the same physical location as this remote desktop services server.

    Thanks for your continued assistance. anne-diag.txt francis-diag.txt holycross-diag.txt john-diag.txt lucy-diag.txt michael-diag.txt turgeon-diag.txt mary1-diag.txt Primary-diag.txt

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Are you having trouble running ADPREP on your current 32-bit Domain Controller? Have you ran ADPREP multiple times on your Domain but still get an error stating you have not prepared your Domain yet? Here is a change that gets even the most seaso…
    We recently had an issue where out of nowhere, end users started indicating that their logins to our terminal server were just showing a "blank screen." After checking the usual suspects -- profiles, shell=explorer.exe in the registry, userinit.exe,…
    This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now