Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Terminal Server - promote to DC?

Status
Not open for further replies.
swoodnj

swoodnj

Technical User
Jan 6, 2005
9
US
Company has a domain, call it somecompany.com. Within that domain is an application server. They have a separate terminal server that they did not want to be a part of the domain, so it was set up stand alone in a workgroup only (but it is physically attached to the network). Now, they want the people connecting to the terminal server to be able to run an application that’s installed on the app server in the domain. My initial thought is to promote the terminal server to a domain controller and get it into the existing domain. I recall being told that that’s not recommended, but how else can I authenticate users to run apps on the app server? They are insistent that the users not be prompted with multiple login prompts.Any thoughts would be greatly appreciated!

Steve W

 
Sort by date Sort by votes
Why promote it? Why not just join it to the domain?
 
Upvote 0 Downvote
The simple answer is to join the TS to the domain. After that you have a bit of "migration" to do. Now that you have joined the domain you do not need all those "Local Accounts" you created on the Terminal Server. You can replace those with new "Domain Accounts" you will create in AD.

That is a "bird's eye" answer to your question. Backup and test before you start.
 
Upvote 0 Downvote
Ok, so I just join it to the domain as a member server and set the users up in AD? I'm guessing putting them in their own OU would be helpful, would like to use GPOs that are specific to the TS users.
So is it gnerally accepted that terminal servers are best left as member servers?
Thanks for the replies, long time Novell guy here being thrown into the fire.
 
Upvote 0 Downvote
If at all possible, Terminal Servers should not be DCs.

MCSE CCNA CCDA
 
Upvote 0 Downvote
Okay, so it seems the best thing to do is to join the terminal server to the domain and add the TS users to the AD, putting them in their own OU. Will this ensure a simple login procedure?
Many thanks for the responses.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
250
Aquiles Vidal
Aquiles Vidal
MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
200
MaioMaio
MaioMaio
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
285
suncit
suncit
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
213
antonio_dsanchez
antonio_dsanchez
jamescpp
  • Locked
  • Question
Windos OpenSSH server vulnerability
Replies
0
Views
238
jamescpp
jamescpp

Part and Inventory Search

Sponsor

Back
Top