Solved

Reconfigure network, remove domain control for it's 5 PCs but maintane the Windows 2008 Server

Posted on 2014-02-07
9
335 Views
Last Modified: 2014-02-07
I have a small network with one server, 3 PCs, a NAS, and a few printers.  It was configured as a domain and I want to remove each PC from the domain but still allow all the desktop PCs in the LAN to access the Windows 2008 Server for file sharing (it also hosts a FileMaker Pro database that is accessed locally from the desktop PCs) and all the LAN resources like the NAS and the printers.

I very little experience with the server management but am pretty technical and have been dealing with windows and networks for a long time.  I realize i can just go to active directory and remove the user, but what happens after that as far as getting access to the server and other resources on the local network?  

Beside file sharing, the server had also been used as an exchange server  but i have migrated exchange to a hosted solution.  All the server is really used for is "File Sharing" and a FileMaker Pro Server for a desktop database application.
0
Comment
Question by:AxeTracks
  • 5
  • 4
9 Comments
 

Author Comment

by:AxeTracks
ID: 39843728
Maybe what i need to do is to uninstall Active Directory Services, and uninstall or turn off the domain controller?
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39843735
Create local user account on the workstation, disjoin the workstation from the domain and map the network drive.

Deleting the user account on the AD will create issue for the users logging on their domain client machines.

For the printers, you can set workstations to ip printing.
0
 

Author Comment

by:AxeTracks
ID: 39843736
Is dis-joining different then deleting an active directory user?
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39843743
Yes, its different.

A domain computer has two account in AD. One is user account and another is computer account. When you delete the user from the users ou, that user can not login to their computer.and another user with domain credential can still logon to the workstation.

When you disjoin, you disassociate the workstation account from the domain completely.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:AxeTracks
ID: 39843753
interesting.  Each PC in this LAN is on the Domain, and each user in this office has a domain login on "each" PC...  so if created a local account on one of the PCs and then disjoined that PC in AD... users could still login to the domain on one of the other PCs... ?
0
 
LVL 11

Accepted Solution

by:
Miftaul earned 500 total points
ID: 39843757
Yes, user will still be able to logon to the domain using another domain joined machine. We need to disable the user account so that it can not be used or even delete the user account later.

When we dis-join the workstation from the AD, the users domain credential will not allow him/her to logon to the workstation. Thats the reason, we created a local user account , so that s/he can logon to the workstation using this local credential.

If you just remove a user account from the AD, not dis-joining the workstation from the AD. Other domain users can still login to the workstation right, because the workstation is still joined the domain.

Say UserA users ComputerA which is in a Domain called abc.local. Now abc,local has other user account as well like UserB, UserC, UserD etc. If you delete the UserA account on the AD, then UserA will not be able to access the ComputerA, but ComputerA is still joined in the domain. And another domain user UserB can logon to ComputerA using his/her domain credential.

What I am saying is,
1. Disjoin the workstation from the domain. Now no domain user can logon to the workstation.
2. Login to the ComputerA as administrator and create a local user account.
3. Share that local account creadentoial with the userA, so s/he can logon to the machine.
4. Map the servers drive for the user.
0
 

Author Comment

by:AxeTracks
ID: 39843761
You have offered me very excellent support.  Thank you.
0
 

Author Closing Comment

by:AxeTracks
ID: 39843762
I asked a question that was not very thought out and got excellent guidance.  Thank you
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39843769
Thanks AxeTracks.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The canonical version of this article is on my web site here: http://iconoun.com/articles/collisions/ A companion presentation is available here: http://iconoun.com/articles/collisions/Unicode_Presentation.pdf
As with any other System Center product, the installation for the Authoring Tool can be quite a pain sometimes. This article serves to help you avoid making these mistakes and hopefully save you a ton of time on troubleshooting :)  Step 1: Make sur…
The viewer will learn how to create two correlated normally distributed random variables in Excel, use a normal distribution to simulate the return on different levels of investment in each of the two funds over a period of ten years, and, create a …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now