P
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
F
Frankster
That book discusses how to configue a Windows 2000 Server that is NOT a
Domain Controller.
-Frank
Herb
The best explanation I can offer
http://www.oreilly.com/catalog/1928994547/#top
Domain Controller.
-Frank
Herb
The best explanation I can offer
http://www.oreilly.com/catalog/1928994547/#top
R
Robert Moir
Peter said:
Either you haven't actually read that book, or it's a piece of rubbish and
you should return it for a refund, if you think it tells you how to create a
domain on Windows 2000 without using AD.
A
Alfredo
I have a SOHO with only one Win2K internet server and one XP PRO
workstation, so it would be ridiculous to use AD.
When I try to join the Win 2k's internet domain, I get "The DNS SRV
record is not registered in DNS", which of course is true. I don't want
AD if I can help it.
The XP PRO machine is then supposed to try to log in using the WINS
protocol but there's no sign of it trying.
And Yes,
- I have googled endlessly
- WINS is running in server
- Computer browser service is running on both
- On XP my ZoneAlarm firewall is disabled for the trusted zone
- Server has no firewall
- DNS points to my server only
- My ipconfig looks just fine
- Server and wks can ping and nslookup each other
- Server works just fine, can be seen by the entire planet
- WKS works just fine, can see the entire planet
- Have futzed with the XP's TCPIP configuration
- Have enabled netbios over TCPIP
- Nothing related in Event Viewer except computer browser can't download
list from PDC (naturally since it's not logged in)
I would like my XP computer to join this domain without installing AD on
the 2k server. How can I make that happen?
Thanks for any help, greatly appreciated!!
workstation, so it would be ridiculous to use AD.
When I try to join the Win 2k's internet domain, I get "The DNS SRV
record is not registered in DNS", which of course is true. I don't want
AD if I can help it.
The XP PRO machine is then supposed to try to log in using the WINS
protocol but there's no sign of it trying.
And Yes,
- I have googled endlessly
- WINS is running in server
- Computer browser service is running on both
- On XP my ZoneAlarm firewall is disabled for the trusted zone
- Server has no firewall
- DNS points to my server only
- My ipconfig looks just fine
- Server and wks can ping and nslookup each other
- Server works just fine, can be seen by the entire planet
- WKS works just fine, can see the entire planet
- Have futzed with the XP's TCPIP configuration
- Have enabled netbios over TCPIP
- Nothing related in Event Viewer except computer browser can't download
list from PDC (naturally since it's not logged in)
I would like my XP computer to join this domain without installing AD on
the 2k server. How can I make that happen?
Thanks for any help, greatly appreciated!!
G
Gregg Hill
"Configuring Windows 2000 WITHOUT Active Directory is about ****making the
most of those Windows 2000 features and services that can be used
independently of AD**** -whether in an existing NT4 domain environment,
Novell's NDS, UNIX, or even ****in a standalone workgroup.****
According to the short description, the book is not saying how to create a
domain without AD. It is about what can be done using 2000 without AD.
Gregg Hill
most of those Windows 2000 features and services that can be used
independently of AD**** -whether in an existing NT4 domain environment,
Novell's NDS, UNIX, or even ****in a standalone workgroup.****
According to the short description, the book is not saying how to create a
domain without AD. It is about what can be done using 2000 without AD.
Gregg Hill
A
Alfredo
Myweb said:If you don't make your server a domain controller, you have no domain to
join. Check that the server and workstation are in the same named Workgroup.
Thank you, the server is indeed a PDC and has been for years. This is
not a workgroup I'm trying to join, it is a domain.
A
Alfredo
Dave Patrick said:Yes. Try turning off the XP firewall and bind NetBIOS over tcp/ip to the
connection on Windows XP
Thank you Dave. The server has no software firewall.
The XP's Windows firewall was always turned off, on the XP I use Zone
Alarm which is turned off for the trusted zone, in which I placed the
server, and Netbios over TCPIP was always enabled.
So, for all intents and purposes there is no firewall between the XP and
2k machines.
Mainly I am thrilled you say I can do what I want, without AD, thanks
for that.
Anything else I can answer? Would love to do this so I can go enjoy the
long holiday.
R
Robert Moir
Gregg said:"Configuring Windows 2000 WITHOUT Active Directory is about
****making the most of those Windows 2000 features and services that
can be used independently of AD**** -whether in an existing NT4
domain environment, Novell's NDS, UNIX, or even ****in a standalone
workgroup.****
According to the short description, the book is not saying how to
create a domain without AD. It is about what can be done using 2000
without AD.
Well yes. Which is why I'm puzzled to see it suggested, given the original
question.
A
Alfredo
Herb Martin said:You even claimed later that you have AD on the server.
I claimed nothing of the kind.
* * *
What are you REALLY trying to accomplish? Obviously it has little to do
with yoru subject line.
I am REAAAALY trying to accomplish what it says in my subject line.
A
Alfredo
Frankster said:A Windows 2000 Domain is not possible without Active Directory. Therefore,
your assertion that you have a Windows Domain without Active Directory can't
be true.
Okay, I see. I set this up under NT, when it was possible to set up
your server as a PDC, and migrated to 2K.
The reason I (used to?) think I have a windows domain is that, right
now, today, in the 2K server, when I click on Explorer > My network
places > Entire network > Microsoft Windows Network >
MyInternetDomain.COM > MyWin2kMachine is shown.
Now, you call this an "Internet Domain". If so, that is entirely different
than a Windows Domain.
Sure. This machine serves as both an internet web server (I own my
internet domain name and run the server here at home, that's the 2K
machine) and have a personal machine (the XP machine) with which I would
like to join that domain as domain administrator, be able to share files
and printers, etc.
A
Alfredo
Herb Martin said:There are no PDC or BDCs in Win2000+.
Thank you. That's very useful, at least I know now that what I hoped to
do may be futile, oh well.
I hoped to do it because I just think that AD is a gigantic PITA and
unnecessary overkill for my tiny one-machine internet server.
Did you do DCPromo and create a domain or not?
No, have never done that, thought that my machine was a PDC.
You have not "Win2000+ Domain" until you use DCPromo to create an Active
Directory Domain.
Ugh. Sorry to hear about that, but thanks for telling me.
G
Gregg Hill
His subject and his post do not jive, that's for sure!
If he answers my other questions, we'll know if he has a domain or a
workgroup.
Gregg Hill
If he answers my other questions, we'll know if he has a domain or a
workgroup.
Gregg Hill
H
Herb Martin
Gregg Hill said:His subject and his post do not jive, that's for sure!
If he answers my other questions, we'll know if he has a domain or a
workgroup.
He has a workgroup -- he finally gave me that info in one of the
subthreads.
He never (according to his most consistent posts) created a DC
on the server and does NOT have a Win2000 DOMAIN at all.
He wanted to use shared drives and "single signon" (although he
never used that term) with consistent SIDs on both the workstation
and the server.
He can have shared drives without the domain but the latte of
course requires he create an AD Domain -- as I told him in that
thread.
He also believes that "AD is a PITA" and that AD is markedly
more difficult to manage than an NT domain.
R
Robert Moir
Herb said:He also believes that "AD is a PITA" and that AD is markedly
more difficult to manage than an NT domain.
It is more difficult to manage if you don't know how to manage it, I
suppose. NT4 can be setup with a little luck and good sense but AD is a bit
more involved I think.
I'd have grave doubts about putting a live website on a DC managed by
someone who doesn't know enough about Windows 2000 servers to tell for
themselves if they have a domain or not :-(
H
Herb Martin
Robert Moir said:It is more difficult to manage if you don't know how to manage it, I
suppose. NT4 can be setup with a little luck and good sense but AD is a
bit more involved I think.
Remember we are talking about trivially small domains -- for these I
disagree, AD is pretty much a no-brainer for these.
You do DCPromo (and that can be done from the "Manage your Server"
thing that pops up on new servers), it creates the AD and the DNS.
The only thing important you have to get correct is that the client DNS
setting needs to point to the new DC/DNS server. (And it might work
anyway but slowly through NetBIOS broadcasts.)
NT has the issue that if you don't make the "server" a DC during install
you cannot do that without re-installing.
These systems are pretty equivalent for small domains.
I'd have grave doubts about putting a live website on a DC managed by
someone who doesn't know enough about Windows 2000 servers to tell for
themselves if they have a domain or not :-(
I pretty much said that to him straight out. There are many things that CAN
be done, but like the old saying about the "Yacht" (or other expensive
item),
"If you have to as how much it costs then you cannot afford it."
It is one thing to be confused on a subtle point or two -- we all suffer
from
that -- but quite another to not even know the difference between a DC
and Server and then keep that DC secure over time.
Today, I doubt that I would even recommend an expert do this with Win2000,
but only with 2003, and generally only for a "public AD Domain" where the
"users" are customers out on the Internet and not users within an
organization
that just happen to be traveling.
G
Gregg Hill
Herb Martin said:He has a workgroup -- he finally gave me that info in one of the
subthreads.
Which subthread? The one where he stated, "Thank you, the server is indeed a
PDC and has been for years. This is not a workgroup I'm trying to join, it
is a domain."
Or this one, "Okay, I see. I set this up under NT, when it was possible to
set up your server as a PDC, and migrated to 2K."
Or this one, "I would prefer the server to authorize my login into the
domain so that my NTFS rights and permissions on both the server and the
client belong to the same security ID. I need the server to be (what used
to be called) a PDC."
Or the several that contradict the ones above?
He never (according to his most consistent posts) created a DC
on the server and does NOT have a Win2000 DOMAIN at all.
I think this guy has no idea what he has. For example, he said that he
migrated his NT4 PDC to Windows 2000 Server. As far as I know, installing
Windows 2000 Server onto an existing NT4 PDC will FORCE it to become a
domain controller without ever running dcpromo.
The simple steps I asked him to do will tell us for sure. Heck, even one
step will tell: Right click My Computer, click Properties > Computer Name,
and see if says "Workgroup" or "Domain" right under Full Computer Name.
He could also load the Windows Support Tools and run dcdiag. If there is no
DC, he'll know right away.
He wanted to use shared drives and "single signon" (although he
never used that term) with consistent SIDs on both the workstation
and the server.
He can have shared drives without the domain but the latte of
course requires he create an AD Domain -- as I told him in that
thread.
He also believes that "AD is a PITA" and that AD is markedly
more difficult to manage than an NT domain.
AD a pain? It is nearly as simple as an NT4 PDC, even easier in some
respects, because you can switch back and for with dcpromo.
He claimed in his initial post that, "My ipconfig looks just fine" but he
never posted it so WE could tell him if it is correct.
I await his reply to my previous questions.
Gregg Hill
H
Herb Martin
Gregg Hill said:Which subthread? The one where he stated, "Thank you, the server is indeed
a PDC and has been for years. This is not a workgroup I'm trying to join,
it is a domain."
Or this one, "Okay, I see. I set this up under NT, when it was possible
to set up your server as a PDC, and migrated to 2K."
You will have to Google it if you really care "which" one -- certanly not
where he said the above, but in several of the threads where he was mostly
trading alternate responses with me alone.
(They are still in my OE thread list.)
Or the several that contradict the ones above?
Eventually with patient explanation he realized that he have never upgraded
or run DCPromo and had no DC.
I think this guy has no idea what he has. For example, he said that he
migrated his NT4 PDC to Windows 2000 Server. As far as I know, installing
Windows 2000 Server onto an existing NT4 PDC will FORCE it to become a
domain controller without ever running dcpromo.
By best reports -- and you are correct that none of us could testify in
court
as to his actual steps -- he never migrated or promoted a DC.
He finally realized that he has only a SERVER.
AD a pain? It is nearly as simple as an NT4 PDC, even easier in some
respects, because you can switch back and for with dcpromo.
That is precisely what I told him.
He claimed in his initial post that, "My ipconfig looks just fine" but he
never posted it so WE could tell him if it is correct.
I always hate such claims -- even when the poster is known to be
experienced and smart about Windows.
If anyone can say "my IP configuration is correct" then why are they
asking for help?
I await his reply to my previous questions.
I think he disappeared when he received the answers (from me.)
Don't hold your breath.
G
Gregg Hill
Herb,
As far as I know, installing Windows 2000 Server onto an **existing NT4
PDC** will ***FORCE it to become a domain controller*** without ever running
dcpromo. Can anyone out there confirm that assumption?
If that is correct, then he does have an AD domain controller, unless he ran
dcpromo after the upgrade to demote it. Only he can answer that correctly by
answering my questions.
The courtesy of a response from him to my questions would clear it all up
for good.
Gregg Hill
As far as I know, installing Windows 2000 Server onto an **existing NT4
PDC** will ***FORCE it to become a domain controller*** without ever running
dcpromo. Can anyone out there confirm that assumption?
If that is correct, then he does have an AD domain controller, unless he ran
dcpromo after the upgrade to demote it. Only he can answer that correctly by
answering my questions.
The courtesy of a response from him to my questions would clear it all up
for good.
Gregg Hill
H
Herb Martin
Gregg Hill said:Herb,
As far as I know, installing Windows 2000 Server onto an **existing NT4
PDC** will ***FORCE it to become a domain controller*** without ever
running dcpromo. Can anyone out there confirm that assumption?
That is true. He didn't do this however.
If that is correct, then he does have an AD domain controller, unless he
ran dcpromo after the upgrade to demote it. Only he can answer that
correctly by answering my questions.
He has said pretty definitely that he didn't upgrade an NT4 PDC
but installed a new DC.
Yes, I know he was confused at first but after a bit he seemed quite
clear on this point.
The courtesy of a response from him to my questions would clear it all up
for good.
Good luck.
A
Alfredo
Leythos said:What exactly do you want to do and
I would like my XP workstation to be able to share files and map drives
to and from the NT2K server. I can probably do that with a workgroup.
Second thing, a smaller deal, I would prefer the server to authorize my
login into the domain so that my NTFS rights and permissions on both the
server and the client belong to the same security ID. I need the server
to be (what used to be called) a PDC. I hear from you guys that AD is
unconditionally required for this, which is too bad.
* * *
It appears you have AD (according to other users posts) already on the
server.
If I had AD then I would not be getting the original error messages
about no SRV records in my DNS, unless I had AD but it was
mis-configured, or never-configured.
Except I do not recall ever doing DC promo, per Herb's question. In
fact I specifically remember going "ugh" and avoiding installing it.
It's not a matter of my XP machine not being able to see my server's SRV
recrods, I went to the server, opened DNS admin and there were no SRV
records. I added some manually, and my XP client found them when it
tried to log in, but then the complaint (the reason the computer
couldn't join the domain) turned to something else.
So it seems I do not have AD installed.
It sounds like, from another post, it is possible to have AD-DNS as well
as regular DNS. Ugh, what a MS POS. I don't even have it installed and
it's already a nightmare.
how do you have the 2000 server setup?
It might be hard to picture for a die-hard Microsoftie, but it is
completely possible to have an internet domain without *any* Microsoft
technology or their completely non-standard AD stuff. That's what I
have.
I have WinNT 2K server running, with all of the usual internet server
daemons (DNSd, HTTPd, etc) as NT services. I try to use standard
internet protocols and stay away from MS proprietary crap as much as
possible.
I don't hate MS, but (personal opinion) I think their tendency to create
their own standards is arrogant and against netiquette.