Re: Adding a Domain, child or someghing....

Hi Scott
Not enough info.
1 Domain 1 DC or more DCs, but multiple domains for the same DC isn't possible. Also Note that you can have member servers with local accounts instead of Domain Accounts. For example you could have a Web site server with Local accounts instead of using AD Accounts.
What these users need access to?


--
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MCSE, MVP Directory Services
"Scott Townsend" <scooter133@xxxxxxxxxxxxxxxx> wrote in message news:F802442D-AD9B-4229-BDCB-2E08392AF745@xxxxxxxxxxxxxxxx
So we have a few servers that have local users on them and after upgrading the servers here and there we lose the Local Users and have to re-create them on the new server. All of the Servers are Member servers in an AD Domain.

The local users are there only because we have given Extranet Access to some services and we do not want our customers to have the potential to access something in our AD Domain.

Is there a way to use our Existing DCs to create another domain or child or something that would allow central administration of the users with out giving them access to resources in our AD Domain?

Of the of the users have set up servers here with access to them via 'Authenticated User' So we do not want the Extranet Users to have access to these resources, or else we'd jsut add them to a new OU.

What is my best bet here? Do I need to add another AD Domain and another DC to support the domain and have a Trust? I really dont want to have to add more servers.

Thank you,
Scott<-

.

Relevant Pages

  • Re: NT4 servers wont join the domain
    ... The NT4 servers are member servers (not DCs). ... They're all running SP6a. ...
    (microsoft.public.windows.server.active_directory)
  • Browsing to Win 2003 Domain Controllers
    ... became DCs (they were member servers), they would appear in a network browse ... list (My network places, network neighborhood, etc.). ... made them into DCs and GC Servers, I have lost the ability to browse to them. ...
    (microsoft.public.windows.server.general)
  • Print Operators
    ... disfunctional on member servers. ... It is not added to new printers, ... And, to rant a bit about daft solutions, what do we need the group on DCs ...
    (microsoft.public.windows.server.general)
  • Local Account Password Reset
    ... We have a bunch of standalone W2K machines with many local accounts. ... the servers, to our Customer Support department who handle customer calls. ... What is the best way for me to allow non-Admin level customer support folks ...
    (microsoft.public.win2000.security)
  • Re: Local user accounts disappear when moving member server to new domain (and forrest)
    ... Having moved literally hundreds of servers between domains I have never seen anything happen to local accounts. ... Both the old and new domains have Windows Server 2003 systems as the DCs. ... They've been using local user accounts on the Win2K TS servers for the terminal services users. ... the two domains are in different forrests as well. ...
    (microsoft.public.windows.server.active_directory)