Arthur Fuller
artful at rogers.com
Mon Mar 6 19:18:59 CST 2006
I have one machine that is running Windows 2003 Server, but it so far is defined as part of the workgroup. How can I nuke the workgroup and then retroactively set up this box as the primary domain controller? In the short term, I don't care that while I reorganize everything I lose connectivity to the ancillary boxes, because that's all they are -- ancillary. So I feel quite free to nuke the workgroup, then create the domain and establish this box as the primary domain controller, then create the required users and then bring each box into the domain. I don't want to digress, but we are venturing close to the topic about what I really want, whose one-word answer I have been led to believe is ActiveDirectory. What I really want is that any of the known users be able to sit at any computer and login and have her Outlook file, her Favourites, Recent Documents list, etc. etc. available at once. I have lived on systems set up like this, but I didn't set them up and I have no idea how it's done. But that is my ultimate goal: 10 users, 3 of whom bring notebooks and connect via the wireless router, and the system knows who they are and knows which directories are available to them, etc. In the case of the latter 3, who are all clients, they should be able to access their client-specific directory on the server, and a few other directories, but not the whole world. In the case of, let's call them resident-users, of whom there are 8, they should be able to see their own data plus selected directories located here and there. Two of these 8 are fictional persons that I created to test the functionality of limited access. One is a user and the other is a developer (the latter so I can test VSS, Visual Studio 2005's concept of partial classes, etc.). Exactly two persons (me and my trusted colleague) can see everything everywhere. The immediate problems, I surmise from your reply, are: 1. nuke the workgroup; 2. retroactively reconfig the W23Server box to be the primary domain controller. I need help with both these steps. Thanks! Arthur -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Stuart McLachlan Sent: March 4, 2006 7:45 PM To: Discussion of Hardware and Software issues Subject: Re: [dba-Tech] Kill a Workgroup and Replace it with a Domain On 4 Mar 2006 at 19:20, Arthur Fuller wrote: > Way back when, I set up my home network, back when I knew even less than I > do now, which is almost nothing. When it asked if I wanted to set up a > domain, I assumed that it meant an internet domain, which I didn't have, so > I chose Workgroup. I would now like to change this, and ultimately arrive at > an Active Directory solution, replete with roaming profiles, so that no > matter which box I am on, I see the same Outlook files, the same shortcuts, > etc. In short, how do I get from here to there? Should I just remove > everyone from the workgroup, then destroy the workgroup, then create a > domain, then add the boxes to the domain, and finally add the users? If not > this, then what? Assuming that you are using workstation OSs (2KPro, XPPro), you will need to upgrade the OS on one machine to a Server version or instal a new server with the appropriate OS. When you do the update, you set up that machine as the Primary Domain Controller. You then create user accounts on that server for all of your users. Once you have the domain controller set up, on each workstation change the Network properties to be part of a domain and enter the domain name. Then just follow the prompts to connect. >I have tried a few googles and got nowhere useful. One more > thing. I have purchased a wireless router, but not yet set it up. The > intended purpose of this box is to allow immediate access to my network to > several selected people only: clients and colleagues. I want a client to be > able to visit, turn on her notebook and immediately have access to my > network -- not complete unfettered access, of course, but access to areas of > interest to her. As long as you are using NTFS on all machines, once you hae set up a domain with a PDC, you can restrict access to any resource on any machine based on the user logon. Using wireless access to your network, if they have the relevant encryption key, they will be able to log on to your network and use whatever resources you have made available to them. > The list of clients/colleagues is small; less than 10 -- > and the only way they will ever access the network is by bringing their > notebooks here. In addition to the clients/colleagues, there are 4 others to > whom I want to give roaming profile abilities, so they can log in to any > available box and see their stuff and not see the stuff to which they have > no access. Again, this will all happen automagically once you set up a domain controller and user access rights. -- Stuart