Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Reconfigure network, remove domain control for it's 5 PCs but maintane the Windows 2008 Server

Posted on 2014-02-07
Last Modified: 2014-02-07
I have a small network with one server, 3 PCs, a NAS, and a few printers.  It was configured as a domain and I want to remove each PC from the domain but still allow all the desktop PCs in the LAN to access the Windows 2008 Server for file sharing (it also hosts a FileMaker Pro database that is accessed locally from the desktop PCs) and all the LAN resources like the NAS and the printers.

I very little experience with the server management but am pretty technical and have been dealing with windows and networks for a long time.  I realize i can just go to active directory and remove the user, but what happens after that as far as getting access to the server and other resources on the local network?  

Beside file sharing, the server had also been used as an exchange server  but i have migrated exchange to a hosted solution.  All the server is really used for is "File Sharing" and a FileMaker Pro Server for a desktop database application.
Question by:AxeTracks
  • 5
  • 4

Author Comment

ID: 39843728
Maybe what i need to do is to uninstall Active Directory Services, and uninstall or turn off the domain controller?
LVL 11

Expert Comment

ID: 39843735
Create local user account on the workstation, disjoin the workstation from the domain and map the network drive.

Deleting the user account on the AD will create issue for the users logging on their domain client machines.

For the printers, you can set workstations to ip printing.

Author Comment

ID: 39843736
Is dis-joining different then deleting an active directory user?
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

LVL 11

Expert Comment

ID: 39843743
Yes, its different.

A domain computer has two account in AD. One is user account and another is computer account. When you delete the user from the users ou, that user can not login to their computer.and another user with domain credential can still logon to the workstation.

When you disjoin, you disassociate the workstation account from the domain completely.

Author Comment

ID: 39843753
interesting.  Each PC in this LAN is on the Domain, and each user in this office has a domain login on "each" PC...  so if created a local account on one of the PCs and then disjoined that PC in AD... users could still login to the domain on one of the other PCs... ?
LVL 11

Accepted Solution

Miftaul earned 500 total points
ID: 39843757
Yes, user will still be able to logon to the domain using another domain joined machine. We need to disable the user account so that it can not be used or even delete the user account later.

When we dis-join the workstation from the AD, the users domain credential will not allow him/her to logon to the workstation. Thats the reason, we created a local user account , so that s/he can logon to the workstation using this local credential.

If you just remove a user account from the AD, not dis-joining the workstation from the AD. Other domain users can still login to the workstation right, because the workstation is still joined the domain.

Say UserA users ComputerA which is in a Domain called abc.local. Now abc,local has other user account as well like UserB, UserC, UserD etc. If you delete the UserA account on the AD, then UserA will not be able to access the ComputerA, but ComputerA is still joined in the domain. And another domain user UserB can logon to ComputerA using his/her domain credential.

What I am saying is,
1. Disjoin the workstation from the domain. Now no domain user can logon to the workstation.
2. Login to the ComputerA as administrator and create a local user account.
3. Share that local account creadentoial with the userA, so s/he can logon to the machine.
4. Map the servers drive for the user.

Author Comment

ID: 39843761
You have offered me very excellent support.  Thank you.

Author Closing Comment

ID: 39843762
I asked a question that was not very thought out and got excellent guidance.  Thank you
LVL 11

Expert Comment

ID: 39843769
Thanks AxeTracks.

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is a fairly complicated script that will install the required prerequisites to install SCCM 2012 R2 on a server.  It was designed under the functional model in order to compartmentalize each step required, reducing the overall complexity.  The …
Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
Viewers will learn the different options available in the Backstage view in Excel 2013.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question