Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


How to join an already configured SBS 2011 server into  a 2003 Domain

Posted on 2013-11-21
Medium Priority
Last Modified: 2015-04-03
I run a 30 computer 2003 Domain( Company) with two DCs.   My Company has merged with a smaller company whos five employees who are going to be working in our office starting next week.  Their network has one Small Business server 2011 and have their own domain (New).

With help from Experst I have learned that:

SBS does not support trusts

SBS cannot be demoted from a DC to a member server.

My ONLY option is to join it to the Domain as a global catalog server holding all the FSMO roles.

I am concerned about breaking this sever not to mention my whole network.

While I am still looking elsewhere for advice does any have any thoughts or suggestion?

Perhaps someone have done this before?

This is a bit scary.

Thanks in advance
Question by:oldgary
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 3
  • +1
LVL 70

Accepted Solution

KCTS earned 2000 total points
ID: 39666415
You can't - SBS servers must hold the FSMO roles, they cannot form trusts with other domains

Author Comment

ID: 39666544
Thanks KCTS but I think I get that part.

No trusts.

Cannot be demoted.

But can I move it into a 2003 domian, move all the FSMO roles to it and make it the Global Catalog server?

Thanks for your interest.
LVL 24

Expert Comment

ID: 39668136

You cannot have SBS2008/2011 as member server in domain.You can have SBS2003 as member server is domain.
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

LVL 22

Expert Comment

by:David Atkin
ID: 39668300
SBS must be the root of the domain which means that there is no adding either SBS servers to other domains as member servers.

Have you thought about using the SBS 2011 hardware and licence key to migrate your SBS 2003 to a new SBS 2011 server?
LVL 70

Expert Comment

ID: 39668345
As I said - No - If there are a lot of users then you can do a migration from one to the other - but you can't have the two co-exist - not for long anyway.


Author Comment

ID: 39668927
Thanks KTS.

How about if I drop back and punt?

Could I do this:  Two independent domains living on the same physical network shareing they same IP network

Physically attach the SBS server to my 2003 network.  

Give it a static IP address, in this case 192.168.1.x

Attach the workstations.

Create identical users (name/passwords) on the company Domain.

Possibly make a DNS A record on the Company DNS.

Leave the Workstaions in their current domain and map drives  and install printers using the new user accounts.

Not elegant I know but would this be viable?  Would the new users still be able to logon to their server?

LVL 22

Expert Comment

by:David Atkin
ID: 39669276
You would be violating Microsoft licencing terms but it is possible.

DHCP would need disabling on one of the servers.

Your better option is to migrate or merge and use one single server.

Author Comment

ID: 39674914
The SBS server will only be used by the 5 new users.  I'm guesing that will cover me on the licensing end.

Looking at the documentaion I see that thier  DHCP server is the their firewall which I wont be useing.

My intention is to give the SBS server (it will be the only one on the network) and the 5 workstations static Ip's out of the range of my current DHCP.

Thus I will have two domains (one 2003, one SBS 2011)  living on the same wire but otherwise not talking to each other.  My old users need nothing from this new server.  

As I mentioned earlier I will make duplicate users on the 2003 side so they can access our printers.  I believe all they need from the current network is internet and printing.  Exchange is not turned on, nor is SQL.

My fingers are crossed that they will be able to login.

This happens tomorrow.  Will update hoplefully on Wednesday.

Wish me luck and thanks for your advice.
LVL 22

Expert Comment

by:David Atkin
ID: 39675056
It should work fine providing the username and passwords are the same on both server (Y).

In an ideal world I would say do it on a weekend to reduce downtime but sometimes its not possible.

Good luck.
LVL 70

Expert Comment

ID: 39675110
Its a bit of a bodge - akin to buying a Porche and replacing the engine with one salvaged from a lawn mower.

You will essentially be using the SBS server as a fileserver - an it may complain all the time that its not configured properly.

essentially you will be using the SBS sever as a file sever?

It does beg the question of why use an expensive SBS server at all - whya not just use a cheap file-server or NAS.
LVL 22

Expert Comment

by:David Atkin
ID: 39675245
I would agree, its a big plaster.

Author Comment

ID: 39675465
The SBS is a DC and does strictly file and print.  No SQL, Sharepoint or Exchange.

Why this group (5 people) purchased a SBS is beyond me.  I just have to deal with it.

Putting all their data on a NAS is an interesting possibility but for tomorrow I just hope to get them working.

Scorpeo...by a "plaster" do you mean a mess?!  If so I agree.  Won't be anything elegant about this job.

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question