Active Directory
Oleg Kalensky, 2021-08-11 07:44:00

Migrating RDP Users to AD?

Please kick me in the right direction :)

I have a small network for 100 devices working in WORKGROUP and, in general, everything is fine. Users partly work on their PC, partly on the server via RDP. I decided to complicate my life and implement AD.

We have:

  • Server 2019 as an AD controller
  • Server 2016 as a terminal server
  • Lots of PCs with Windows 10

As far as I understand, moving PC users to a domain is not a sight for the faint of heart, so it's easier to create new ones.
But concerning the users on the terminal server, I did not find an answer. Is it possible to somehow integrate them into AD, or will I also have to re-create all users? And in general, did MS not provide for the option when a domain is created based on the existing user structure?

And the second question, if I enter a terminal server into the domain, as I understand it, RDP access will fall off for everyone until I add users to the domain?


2 answer(s)
hint000, 2021-08-11
@snnrman

> small network for 100 devices working in WORKGROUP
Wow! Spartan style, respect! I thought that I was a fan of minimalism, but even 40 users without a domain would be inconvenient for me to administer.
https://sys-team-admin.ru/videouroki/administrirov...
> And in general, did MS not provide for the option when a domain is created based on the existing user structure?
So I say, IMHO, you are a little late with the domain (it is assumed that the number of users is gradually increasing). It is better to implement it when there are fewer users, then it will be less painful. MS has tools to migrate from one domain to another.
How to transfer users from a broken domain controller to the same but new one?
But in your case it won't help, obviously.
> And the second question, if I enter a terminal server into the domain, as I understand it, RDP access will fall off for everyone until I add users to the domain?

No. Local (from the point of view of the server) users may well log in via RDP if they are given such rights. It is only a question of how the rights are assigned: access can be forbidden or permitted.

Mnemonic0, 2021-08-11
@Mnemonic0

If you skip the previous speaker's post and stick to the topic:

  • Export the list of current users to csv with a script
  • Create users in AD by running a script with a csv file as a source, specify the OU there

In terms of access and other things - both local and domain users can go - you just need to figure out a little about what AD is, how and why access rights are provided.
In terms of scripts, dig in this direction:
Get-LocalUser | Select-Object Name,FullName | Export-Csv -Path .\local-users.csv -NoTypeInformation - to pull local users
https://www.alitajran.com/create-active-directory-... - to create in AD
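
The import step from the list above, together with the RDP rights assignment the first answer mentions, as an added PowerShell example (not code from either poster or from the linked article). The OU path, UPN suffix, group name, NetBIOS domain name and CSV file name are assumed values.

```powershell
#Requires -Modules ActiveDirectory
# Added example. The OU, UPN suffix, group name and CSV path are assumed values.
param(
    [string]$CsvPath   = '.\local-users.csv',            # output of the export step
    [string]$TargetOU  = 'OU=Staff,DC=corp,DC=example',  # assumed OU
    [string]$UpnSuffix = 'corp.example',                 # assumed domain DNS name
    [string]$RdpGroup  = 'TS-Users'                      # assumed, pre-created AD group
)

# Built-in local accounts that must not be copied into the domain
$skip = 'Administrator', 'Guest', 'DefaultAccount', 'WDAGUtilityAccount'

function New-InitialPassword {
    # 18 random bytes give 24 base64 characters; the fixed suffix only
    # guarantees that all four complexity classes are present
    $bytes = New-Object byte[] 18
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $rng.GetBytes($bytes)
    $rng.Dispose()
    [Convert]::ToBase64String($bytes) + 'a1Z!'
}

$report = foreach ($row in Import-Csv -Path $CsvPath) {
    $sam = $row.Name
    if ($skip -contains $sam) { continue }
    $escaped = $sam.Replace("'", "''")   # keep a quote in a name from breaking the filter
    if (Get-ADUser -Filter "SamAccountName -eq '$escaped'") {
        Write-Warning "$sam already exists in AD, skipped"; continue
    }
    $plain = New-InitialPassword
    $display = if ($row.FullName) { $row.FullName } else { $sam }
    try {
        New-ADUser -Name $sam -SamAccountName $sam -DisplayName $display `
            -UserPrincipalName "${sam}@${UpnSuffix}" -Path $TargetOU `
            -AccountPassword (ConvertTo-SecureString $plain -AsPlainText -Force) `
            -ChangePasswordAtLogon $true -Enabled $true -ErrorAction Stop
        Add-ADGroupMember -Identity $RdpGroup -Members $sam -ErrorAction Stop
    } catch {
        Write-Warning "$sam failed: $($_.Exception.Message)"; continue
    }
    [pscustomobject]@{ SamAccountName = $sam; InitialPassword = $plain }
}
$report   # hand each initial password over out of band; do not store this output

# Run once on the terminal server so RDP rights follow the AD group
# (CORP is an assumed NetBIOS domain name):
# Add-LocalGroupMember -Group 'Remote Desktop Users' -Member "CORP\$RdpGroup"
```

Accounts flagged to change their password at next logon cannot sign in over RDP while Network Level Authentication is required, so users who work only on the terminal server need to set their password from a domain-joined PC first.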
