[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


3 Servers down to 1 Server

Posted on 2015-02-07
Medium Priority
Last Modified: 2015-02-07
Hello my friends,

I have a customer who HAD 3 servers all working in some role or fashion doing some tasks....  (before my entrance)

NOw...  I'm the IT guy.

They have only 1 server because the other 2 simply DIED.  

Problem I need to solve:

 The single server works for their needs right now, they're IN production.  But it's NOT setup as the DC.  Both DNS are pointed to the now offline and dead servers.   I need to set this single server up as THE ONLY server with authority.   I've never dealt with a forest so have no clue how to tell it there are no other servers to look for  /shrug.

they don't even have their client pc's on a domain.  they're all on a workgroup.

So the ONLY purpose this server is at work for is central data....in my mind this makes the changes I need to make alot easier since no client is connected via anything other than a network drive share.

I just want to tighten up this server (which is VERY NEW by the way) to be a controller.   They don't even have dhcp turned on....it's barely being utilized.

so to clarify...
How can i make this box the boss of all things without breaking their current use of data shares.    I'm hoping it's as easy as adding/installing the roles but i need someone smarter than I to tell me.

The other issue is how do get this server to not think it's part of a forest, but standalone and not look to any other place but itself for authority.  

Thank you to all,

Question by:Faxxer
  • 5
  • 3
LVL 97

Expert Comment

by:Lee W, MVP
ID: 40595966
Lots of issues.

Microsoft software is very reliable.  HOWEVER, it NEEDS to be implemented properly.  We need to know everything you have installed on this server currently.

You also need to understand that just making it a DC won't fix the workstations - they will be viewed as imposters, so-to-speak, and the server won't let them connect.  Microsoft domains use names and globally unique IDs that something like social security numbers preventing one person/machine from being mistaken for another.

It really sounds like you have a HUGE mess on your hands and the best way to solve that mess is with a professional who can help fix it for you.  Once fixed, you should be able to manage it with the help of others in forums, but right now, trying to do this through forums is a bit like a nurse trying to perform open heart surgery on herself.

Author Comment

ID: 40596005
I agree it's a mess.

By the way there were no less than THREE IT professionals working this problem for the last 4 years.

I may not have a certificate to my name, but I know it's SNAFU.

sadly it was professionals who got it to this state.

I think there are baby steps that can be taken to work this machine back to at least where it's reliable as the ONLY server.
LVL 97

Accepted Solution

Lee W, MVP earned 2000 total points
ID: 40596018
It sounds like they weren't vetted properly.  Or they called themselves professionals without actually being.

I'll rephrase, I think you're setting yourself up for failure if you don't locate a qualified pro.  Vet them/their proposals through us, but MOSTLY professionals answer questions here and I don't many (if any) would disagree with my recommendation.  

That said, I'll do what I can - but you really need to provide more details.
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.


Author Comment

ID: 40596073
OK I'll start with tools that are vital to the office:
It's a County Assessor office and they use all kinds of MAPPING tools to include:
MapWindow GIS
Microsoft RichCopy 4
Path Copy
Report Manager

Now some of these apps rely on SQL...the following are installed
MySQL Connector C 6.0.2
MySQL Connector C++ 1.1.0
MySQL Connector J
MySQL Connector Net 6.5.4
MySQL Connector /ODBC 5.2 32bit (Community edition
MySQL Documents 5.5
MySQL Examples and Samples 5.5
MySQL Installer
MySQL Notifier 1.0.3
MySQL Server 5.5
MySQL Workbench 5.2 CE

There are also several MS distro's in the list, but i'd never remove those either.

ya...so alot there dealing with databases for their landmark software.   To be fair I've got access to the actual code writer for this Landmark software they use, so I'm not too worried about that.  (I'd not make any changes to the server's infrastructure until i've consulted with him anyway)

So SQL is the big issue to be concerned about when making any changes obviously.

Author Comment

ID: 40596076
you won't believe this...  they don't even have a backup running on this server.   wow.

I'm going to get a baremetal backup at least setup before I do anything at all.

Author Comment

ID: 40596081
I'm going to close this question until I get at least the bare basics taken care of.

I can't fathom what the other guys were charging them for.
LVL 97

Expert Comment

by:Lee W, MVP
ID: 40596198
The good news is that nothing there SOUNDS like it has any restrictions running on a domain controller.  But you need to be careful about services - what accounts are running those services and how many are part of the domain?  These are amongst the things you should be looking out for.  

Converting the machine into a workgroup so that you can later promote it to a DC is simple enough - just remove it from the domain - don't worry that there is no DC to verify the user name and password prompted for upon removing it from the domain - but DO MAKE SURE you have a local account with administrative rights!

Author Comment

ID: 40596293
Ty for the info and wise tips sir.

Very much appreciated

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question