Reconfigure network, remove domain control for it's 5 PCs but maintane the Windows 2008 Server

Posted on 2014-02-07
Last Modified: 2014-02-07
I have a small network with one server, 3 PCs, a NAS, and a few printers.  It was configured as a domain and I want to remove each PC from the domain but still allow all the desktop PCs in the LAN to access the Windows 2008 Server for file sharing (it also hosts a FileMaker Pro database that is accessed locally from the desktop PCs) and all the LAN resources like the NAS and the printers.

I very little experience with the server management but am pretty technical and have been dealing with windows and networks for a long time.  I realize i can just go to active directory and remove the user, but what happens after that as far as getting access to the server and other resources on the local network?  

Beside file sharing, the server had also been used as an exchange server  but i have migrated exchange to a hosted solution.  All the server is really used for is "File Sharing" and a FileMaker Pro Server for a desktop database application.
Question by:AxeTracks
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4

Author Comment

ID: 39843728
Maybe what i need to do is to uninstall Active Directory Services, and uninstall or turn off the domain controller?
LVL 11

Expert Comment

ID: 39843735
Create local user account on the workstation, disjoin the workstation from the domain and map the network drive.

Deleting the user account on the AD will create issue for the users logging on their domain client machines.

For the printers, you can set workstations to ip printing.

Author Comment

ID: 39843736
Is dis-joining different then deleting an active directory user?
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

LVL 11

Expert Comment

ID: 39843743
Yes, its different.

A domain computer has two account in AD. One is user account and another is computer account. When you delete the user from the users ou, that user can not login to their computer.and another user with domain credential can still logon to the workstation.

When you disjoin, you disassociate the workstation account from the domain completely.

Author Comment

ID: 39843753
interesting.  Each PC in this LAN is on the Domain, and each user in this office has a domain login on "each" PC...  so if created a local account on one of the PCs and then disjoined that PC in AD... users could still login to the domain on one of the other PCs... ?
LVL 11

Accepted Solution

Miftaul earned 500 total points
ID: 39843757
Yes, user will still be able to logon to the domain using another domain joined machine. We need to disable the user account so that it can not be used or even delete the user account later.

When we dis-join the workstation from the AD, the users domain credential will not allow him/her to logon to the workstation. Thats the reason, we created a local user account , so that s/he can logon to the workstation using this local credential.

If you just remove a user account from the AD, not dis-joining the workstation from the AD. Other domain users can still login to the workstation right, because the workstation is still joined the domain.

Say UserA users ComputerA which is in a Domain called abc.local. Now abc,local has other user account as well like UserB, UserC, UserD etc. If you delete the UserA account on the AD, then UserA will not be able to access the ComputerA, but ComputerA is still joined in the domain. And another domain user UserB can logon to ComputerA using his/her domain credential.

What I am saying is,
1. Disjoin the workstation from the domain. Now no domain user can logon to the workstation.
2. Login to the ComputerA as administrator and create a local user account.
3. Share that local account creadentoial with the userA, so s/he can logon to the machine.
4. Map the servers drive for the user.

Author Comment

ID: 39843761
You have offered me very excellent support.  Thank you.

Author Closing Comment

ID: 39843762
I asked a question that was not very thought out and got excellent guidance.  Thank you
LVL 11

Expert Comment

ID: 39843769
Thanks AxeTracks.

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

User Beware!  This is a rather permanent solution to removing your email from an exchange server.  The only way to truly go back is to have your exchange administrator restore your mailbox from backups.  This is usually the option of last resort.  A…
Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
The viewer will learn how to simulate a series of sales calls dependent on a single skill level and learn how to simulate a series of sales calls dependent on two skill levels. Simulating Independent Sales Calls: Enter .75 into cell C2 – “skill leve…
The view will learn how to download and install SIMTOOLS and FORMLIST into Excel, how to use SIMTOOLS to generate a Monte Carlo simulation of 30 sales calls, and how to calculate the conditional probability based on the results of the Monte Carlo …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question