Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Guidance on Home Server (2008R2) -- Setup as DC and Active Directory or not?

Status
Not open for further replies.

CraigJConrad

IS-IT--Management
May 21, 2000
66
US
Hi All,

I am very experienced in many things technical, but am not very savvy on DC and AD. I have had a Windows 2003 Server in my home for many years and I had stumbled through its installation, including it being a DC and an AD. I even had the home PCs logging into the domain (each of my 5 children had their own LAN PC, as well as a couple others). However, over time I realized that logging into the domain complicated things, and the individual PCs could just as easily be setup on a workgroup, and connect to the server's shared drives, use the mail server, etc -- no apparent loss of function. So, none of them log in that way any longer, though the server still is a DC and has AD.

Now I am setting up a new server with Windows 2008R2. I only have one child left at home, so the number of "desktop clients" has shrunk dramatically. Thus far, the new server now has all of the shared user and media files, as well as the media servers (Plex, PlayOn/PlayLater), while the old server is still running the IIS, mail server, etc. I have NOT set the new server to be a DC nor does it have AD on it. I want to complete the unhooking of the old server, which means that I have to move the IIS and mail services over. Before I do that, I need to know if I *should* setup the new server as DC/AD.

Other info that may or may not be relevant:
A. On the old server, all the userids were in the "Domain Users" group in AD, and one was additionally in the "Domain Admins" and "Remote Desktop Users" groups.
B. I sometimes enable Remote Desktop, but only using the single admin session (ie, I don't have Terminal Services role)
C. There are four internet domains that all route to my home IP address. Currently, all of the applicable ports are then forwarded to my old server (which will be changed to my new server when ready, of course)
===================

Questions:
1. What are the advantages of doing so, versus just setting up IIS (web, FTP) and the mail server (MDaemon)?
2. If I do it now, will I have loss anything done thus far (users' shares/data, applications, etc)?
3-1. When setting up my old server years ago, I couldn't figure out what name to give, and ended up with the following (assume that my internet domain name is "MyHome.net":
a. the AD domain name is "MyHome.net" (that was what I had entered in the wizard, though the later "New Domain Name" screen had "Conrad.MyHome.net" in it
b. the NETBIOS Domain name is "MYHOME"
c. in the Configuration Panel in the wizard, the "Full Domain Name" was "MyHome.net"
3-2. Is that what one should do, or is there otherwise any advantage to one name (or naming convention) over another?
4. If I should be using the same names as used in the old server, is there some process I must follow to "decommission" the old one first?
5. I see that I had DNS setup on the old server, but in thinking about it, I can't see that it would have been used, as I would expect the router/ISP should be doing all of this. Is there any value to having this setup on the new one? If so, should it point to the router or directly to the ISP?

I don't know why I'm a bit reluctant to setup DC/AD, but I'd like some expert guidance before I take that step! Many, many thanks in advance for any advice.

Craig
 
Question!

Why are you using a DC with AD in your house?

You can name your DC "DC" and your network "HOME". All the computers would join "HOME" and would be "ComputerName.HOME"

Also, why not log in the as local admin. "My Computer (right click) > Users Groups > Users" now here you want to Enable the Administrator Account, but give it a password first. Once this is done, in the "Run" or "Start" box you want to use GPEDIT, you can also access this through "C:\Windows\System32" and find it here as well. From here you can modify the particular users profile from the individual PC verses the Server.
 
I've never liked it when people ask a question, get some response(s), and never tell everyone how it all turned out. So, I am back just to: (a) thank HopNDude for responding; and (b) tell the outcome.

It has taken some time to finish setup of my server (life seems to get in the way of these things sometimes!), but I finally gutted my old server today and tossed out its remains. My new server is running everything the old one did (and much more), and doing it quite splendidly. I did NOT set it up as a Domain Controller. The only things that seem to be negative about that decision are: (1) most server/IIS questions I research on the internet provide answers that *assume* you have DC/AD in your setup; (2) there are a couple of features ("virtual users", I think was one -- where you use that ID in IIS for some permissions and the system auto-maintains the password) that you must have AD for; (3) all users (which I had to define to allow them to have file permissions to link to the shared folders) appear on the login screen (maybe this is how Windows 2008 works, not a DC/AD thing, but it wasn't that way for me in Windows 2003).

In any case, it seems to be working fine now, and I do appreciate the help.

Craig
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top