Answer the question
In order to leave comments, you need to log in
What are the pitfalls of setting up a server in a domain?
Good day.
I understand that the question is stupid, but given what I want to do, it's better to ask a stupid question once again than to rake up its consequences later :)
I have a terminal server (192.168.0.100) based on Windows server 2016, on which under hyper- v the domain controller (192.168.0.250) is spinning. At the same time, the terminal server itself is not included in the domain.
There is a huge bunch of local users on the terminal server who access it via RDP and are already doing their own thing there.
I want to drive a terminal server under the control of a domain controller, and as I understand it, purely in theory, users who logged into it under a local account will still be able to log in, and I can already gradually create domain accounts, and also gradually get rid of local ones.
In services, all services run under the "Local System" account, except for apache. It is from the local administrator. But it is not difficult to forward one service.
Here is the scheme that I described above, will take off? Or have I missed some important point?
Answer the question
In order to leave comments, you need to log in
Or have I missed some important point?Missed. There was some minor failure and the virtual machine did not start automatically when the iron server started. You want to understand the problem, but they won’t let you into the terminal server, because there is no domain controller (and it just so happened that you haven’t logged in under the admin account for the last month)... There is nothing completely hopeless in this situation, but the price upsets : the whole office is on the ears, the bosses are angry, the admin is running around ...
purely in theory, users who logged into it under a local account will still be able to log in, and I can already gradually create domain accounts, and also gradually get rid of local ones.It's right. It can be done gradually.
The primary domain controller should ALWAYS be on a real machine, with no associated tasks. Though celeron, though an atom, at least some other barebone or antiquity
Secondary can be virtual.
In the case of a crutch with a virtual primary controller, its host should NEVER be entered into its domain. Otherwise it's easy to shoot yourself in the foot
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question