Results 1 to 15 of 15
  1. #1
    Star Lounger
    Join Date
    Apr 2002
    Posts
    78
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Adding W2K Server to NT4 domain

    Hi folks,
    I have a client with an NT4 domain, who's gearing up to do Terminal Services over VPN from remote locations. We are planning to introduce a W2K server to the domain (a powerhouse) that will handle the Terminal services processing. I'm doing some advance testing, I'm relatively inexperienced when it comes to W2K and NT4, and I want to ensure that if I add a W2K server to the domain, that either
    1) It will be able to function as a domain controller in mixed mode, or 2) it will not interfere with the logon & authentication functions of the PDC on the network.

    I guess my question boils down to this:

    If I add a W2K server to the domain, and then install Active Directory, can the NT4 workstations still logon without any issues if this W2K server is functioning as a PDC emulator?

    Thanks for the help.

    Charlie T.

  2. #2
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Adding W2K Server to NT4 domain

    We operate a Windows 2000 file server, but it has no role in authenticating users. I am led to understand that I need to send at least one person to a 5 day course on Active Directory and plan on having another Windows 2000 server as a backup before we migrate from the NT4 PDC. We are putting that off for a while because we don't need AD. If you do need AD, might want to bring in a experienced consultant for a chat.

  3. #3
    4 Star Lounger pccoyle's Avatar
    Join Date
    Apr 2001
    Location
    Auckland, Auckland, New Zealand
    Posts
    535
    Thanks
    3
    Thanked 2 Times in 2 Posts

    Re: Adding W2K Server to NT4 domain

    Hi,
    You should have no problem with NT4 workstations logging into a 2000 PDC.
    Paul Coyle
    Approach love and cooking with reckless abandon

  4. #4
    Star Lounger
    Join Date
    Apr 2002
    Posts
    78
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Adding W2K Server to NT4 domain

    Hi, sorry for taking so long to reply.
    I currently have no problem accessing a W2K member server within the NT4.0 domain. What I'm wondering is this:
    Do you have to install active directory in order to get the W2K server to function as a PDC emulator?

  5. #5
    4 Star Lounger pccoyle's Avatar
    Join Date
    Apr 2001
    Location
    Auckland, Auckland, New Zealand
    Posts
    535
    Thanks
    3
    Thanked 2 Times in 2 Posts

    Re: Adding W2K Server to NT4 domain

    Hi Charlie,
    I am unsure what you mean by a PDC emulator, so can you explain in more detail please. We were recommended to have active directory on our PDC, both for the benefits and as I understand it beacause it was 'difficult' later to invoke active directory on the 'live' PDC
    HTH <img src=/S/grin.gif border=0 alt=grin width=15 height=15><img src=/S/flags/NewZealand.gif border=0 alt=NewZealand width=30 height=18>
    Paul Coyle
    Approach love and cooking with reckless abandon

  6. #6
    Star Lounger
    Join Date
    Jan 2002
    Location
    Suffolk, England
    Posts
    60
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Adding W2K Server to NT4 domain

    Not too hot on terminal services, but here goes:

    Assume that remote users coming in over VPN will need to log on to the domain via user account info on the the TS machine. if so, the W2K server will need to be a PDC emulator.

    To make a W2K server a PDC emulator, you will need to go thru a right old dance:
    1. Make sure you have an NT4 BDC as a backup for all your SID data.
    2. Upgrade the PDC to W2K, ensuring that you set it up to run in mixed mode.
    3. Set up a second W2K domain controller - this will be your terminal services powerhouse.
    4. Run DCpromo to demote the upgraded machine, and place your second W2K machine 'at the root of the forest'.
    5. Run a clean install on your original NT4 PDC machine. It can either run as another W2K server ('tho I assume your client doesn't want to pay for more W2K licenses than they need!), or an NT4 BDC - I'm not sure if you can install it directly as a BDC 'feeding off' your W2K PDC emulator, or whether you'll have to promote the backup NT4 BDC from step 1, then transfer in from there. In theory you could end up with this machine as your PDC once more, but if your 'powerhouse' is doing the job, I'm not sure what that would achieve.

    As to NT4 machines logging on, you should have no problems in mixed mode, 'tho of course they won't be able to access AD.

    I hope this helps (and is clear!) <img src=/S/flee.gif border=0 alt=flee width=25 height=25>

  7. #7
    Star Lounger
    Join Date
    Apr 2002
    Posts
    78
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Adding W2K Server to NT4 domain

    Yes, you've done a good job of explaining things.
    The missing piece in my understanding was step 2. What I think you're saying is that by taking the existing PDC and doing an upgrade to W2K in mixed mode, that same server will still function as a PDC whether or not I also install Active Directory. Right?
    Additionally, I've read that it's not really recommended that a TS server be a domain controller, because of the extra resources that are needed to handle the responsibilities of being a domain controller. What if I just left the TS server as a W2K member server (because I really don't think we need AD anyway), and let it communicate with the "step 2 PDC" for all logon & authentication needs?

    CT

  8. #8
    Star Lounger
    Join Date
    Jan 2002
    Location
    Suffolk, England
    Posts
    60
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Adding W2K Server to NT4 domain

    Hi.

    <hr>The missing piece in my understanding was step 2. What I think you're saying is that by taking the existing PDC and doing an upgrade to W2K in mixed mode, that same server will still function as a PDC whether or not I also install Active Directory. Right? <hr>
    Active Directory and being a domain controller are very nearly the same thing - you cannot have AD installed without being a Domain Controller, you cannot be a domain controller without AD.

    <hr>What if I just left the TS server as a W2K member server (because I really don't think we need AD anyway), and let it communicate with the "step 2 PDC" for all logon & authentication needs?<hr>
    If you want to be able to administer user rights and access in detail across the entire domain, including for TS from one location, you will need to upgrade the domain to W2K and install AD. If your current arrangements will suffice, then you don't need AD, and can leave your current PDC 'as is'. I don't know enough about TS to help any further.

    I've heard great things about an author called Mark Minasi - the 4th edition of his book 'Mastering W2K Server' is out - probably worth the money. (The only reason I've not yet bought it is the pile of other books I've not yet waded thru!)

    I have a signature I use on another BB which coes 'If you're not confused yet, I'll carry on.....' - this is starting to feel like that!

  9. #9
    Lounger
    Join Date
    Mar 2001
    Location
    Houston, Texas, USA
    Posts
    37
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Adding W2K Server to NT4 domain

    I also am trying to setup 'work from home" access through VPN. WinNT4.0 Server, Win98se client. (Other clients are 2000, XP/Home) I get the login and get connected, but can't map drives, or have access to applications like I do at the office. (I am admin, and even that password doesn't fly when mapping drives on server).

    Any good references (including the much searched MS site).

    Richard

  10. #10
    Star Lounger
    Join Date
    Apr 2002
    Posts
    78
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Adding W2K Server to NT4 domain

    This is a little off-topic from the original post, but I would suggest what you look into is either upgrading the server to a terminal services server, or putting Remote Administrator (like PC Anywhere, but faster, cheaper and more secure) on a workstation at the office. Then you connect to that workstation through the VPN, run the remote program, and get full access to network resources. The only thing that's difficult with Radmin is local printing, but there are ways to get it done.

    The link is: www.radmin.com

    I've found that connecting directly to a server and trying to map and browse drives through Network Neighborhood is really slow.

    HTH,

    Charlie T.

  11. #11
    4 Star Lounger
    Join Date
    Aug 2002
    Location
    Dallas, Texas, USA
    Posts
    594
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Adding W2K Server to NT4 domain

    There have been several replies to your post, but I thought I would add my two cents.

    First of all, I don't understand why your TS server would need to be a domain controller. If you 2k server is part of the domain (the NT 4.0 domain), it will authenticate TS clients through the NT 4.0 domain controllers. I am not sure if you can have a W2K server as a domain controller on an NT 4 domain, though my instincts say to not even try, because Active Directory can very easily take over an NT 4 domain.

    Next, we are running a Windows 2k TS on an NT 4 domain, and have no problems. There are a few TS capabilities that aren't available when on an NT 4 domain. One such limitation is printing, a TS server on Active Directory will allow for printing on the client side.

  12. #12
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    Newark, New Jersey, USA
    Posts
    999
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Adding W2K Server to NT4 domain

    I read thru the posts and I'll just break it down simply.

    You cannot have AD on a flat domain. The w2k server will join the doman without a problem and will not authenticate unless you try to use AD. I have a flat NT domain, the PDC and BDC are NT 4.0. All the other servers (including 2 terminal servers) are 2k and are only members. As long as you don't use AD and make sure you turn off Browsing, DHCP, DNS server services, there should be any problems.
    Mike Wolfman
    Jack of all, Master of none
    Bow before me, for I am root.
    <IMG SRC=http://www.wopr.com/w3tfiles/112673-wolfsig.jpg>

  13. #13
    4 Star Lounger
    Join Date
    Aug 2002
    Location
    Dallas, Texas, USA
    Posts
    594
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Adding W2K Server to NT4 domain

    Browsing yes, because you want the PDC (and for backup BDCs) to be the Master browser. However, you can use DHCP, DNS and WINS on Windows 2000 'member' servers, in an NT 4.0 domain. Admittedly, just like all Windows 2000 services, you may lose functionality by not being on an Active Directory, but you can still use the services. (for example, an IIS server on an NT 4 domain is missing a security option that is available when that 2k server is in an Active Directory.).

    Root am I? For me before bow!

  14. #14
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    Newark, New Jersey, USA
    Posts
    999
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Adding W2K Server to NT4 domain

    Yes, definately, but he didn't want to disturb the domain as it stands now, therefore, has to make sure services especially DNS and DHCP are turned off.
    Mike Wolfman
    Jack of all, Master of none
    Bow before me, for I am root.
    <IMG SRC=http://www.wopr.com/w3tfiles/112673-wolfsig.jpg>

  15. #15
    4 Star Lounger
    Join Date
    Aug 2002
    Location
    Dallas, Texas, USA
    Posts
    594
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Adding W2K Server to NT4 domain

    I think I just read your post wrong. I took it as allowing those services to run would interrupt an NT 4 domain. Which after re-reading your post, isn't what you meant. Gotcha. Sorry about that. <img src=/S/shrug.gif border=0 alt=shrug width=39 height=15>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •