asked on Run FTP on 2012 Domain controller
Hello Experts
Can I run an FTP site on a 2012 Server that is a domain controller. The server in question was running our FTP site, but I had to make this server a domain controller over the weekend and if I remember correctly, all local users are removed from a server when it is promoted to a DC. Can I have local users on a 2012 DC? previously each ftp user had a local account and would login with their own username and password and only had rights to their FTP folder.
Thanks,
Carmen
Can I run an FTP site on a 2012 Server that is a domain controller. The server in question was running our FTP site, but I had to make this server a domain controller over the weekend and if I remember correctly, all local users are removed from a server when it is promoted to a DC. Can I have local users on a 2012 DC? previously each ftp user had a local account and would login with their own username and password and only had rights to their FTP folder.
Thanks,
Carmen
Windows Server 2012
Last Comment
Lee W, MVP
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
If I demote it, will local user accounts that were there before it was a DC still be there?
Unfortunately, you're asking questions most professionals don't have experience with because most professionals know not to do this. Adding FTP to DC is a huge security risk since FTP transmits passwords in clear text. Further, while I agree some roles in smaller organizations can reside on DCs, FTP is not one of them I would do it I had any other choice (and most clients these days don't use FTP anymore so it's not a task often done these days).
I don't know if the local database will be restored. I'm inclined to say NO, but when you demote a DC, you're prompted to set an administrative password for the local administrator account. I think this action has PROBABLY destroyed all your FTP accounts *IF* they were using the local accounts database as opposed to a separate FTP accounts database from using a third party FTP server.
I would strongly recommend in the future that you perform testing before doing such things. This should be easily done thanks to virtualization and trial versions Microsoft makes available. I'd also ask, since this is 2012, why didn't you just create a new VM for your DC? This *IS* a virtual server right? 2012 grants 2 VMs per license so you have the license. It would have cost nothing. (One reason I love virtualization).
I don't know if the local database will be restored. I'm inclined to say NO, but when you demote a DC, you're prompted to set an administrative password for the local administrator account. I think this action has PROBABLY destroyed all your FTP accounts *IF* they were using the local accounts database as opposed to a separate FTP accounts database from using a third party FTP server.
I would strongly recommend in the future that you perform testing before doing such things. This should be easily done thanks to virtualization and trial versions Microsoft makes available. I'd also ask, since this is 2012, why didn't you just create a new VM for your DC? This *IS* a virtual server right? 2012 grants 2 VMs per license so you have the license. It would have cost nothing. (One reason I love virtualization).