• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

changing a workgroup to a domain

S

SLPFirehawk

Member
When I started my position at this company the network was setup and I didn't go about changing it to domain. Everything is accessible by anyone. No passwords or very few. I am wanting to change the network to a domain to where everyone must logon to the server in the morning. We are wanting an Internet connection sometime in the near future, thus my reason to go to a domain. Plus I want to be able to monitor what some people are doing. Is there a good site or any help that you guys can give me to completely change the workgroup to a domain?

Our operating systems at this time are Windows 98 and Windows NT 4.0 (Workstation & Server).

Any help would be greatly appreciated! If you guys have some questions, just post and I'll try to make my plans more clear.
 
You may want to consider skipping the NT 4 domain, and going right to W2K domain. M$ is already pushing to sunset support of NT4, and recently cancelled SP7 for precisely that reason. Also, if you have to teach people how to login anyway, might as well do W2K and be done with it. Not to mention, administering W2K and NT4 is substantially different, from a domain perspective.

Although, you might want to consider Windows XP, since that's being released shortly.

--Woodie
 
He is asking how to use windows 98 and windows NT 4. He is not asking what he should upgrade to...geez.

one good website is www.is-it-true.org.

but if u want windows 98 to log on with out the users from cancelling from the log on screen, you have to setup a registry key. i know the key is mustbevalidated and it equals 1. and in the client for ms networks, you just list the domain where u want the users to be validated.
in NT 4.0 just change the networking properties to domain from workgroup. This is just a brief summary of stuff to do.
 


<< In NT 4.0 just change the networking properties to domain from workgroup >>



It's not that simple. There are licensing costs (CALs), creating &amp; managing user accounts, migrating all the clients from the workgroup to the domain, setting domain policies (including Audit settings!), configuring (buying?) multiple domain controllers (for redundancy), and reACLing all the shares, on all the servers.

Who's going to be the Domain Admins? What about Server admins? Who needs to manage groups &amp; membership? This all depends on the size of the network, but it's worth it to take a little time to figure out how this may grow in the future. Scalability is one of the key reasons from moving from workgroup to domain.

W2K presents some options, because instead of learning all the stuff above, he could do it under W2K, which is better supported by the manufacturer. This could give him better features for rolling out internet access, by using W2K-based Dynamic DNS, DHCP, etc.

--Woodie
 
SLP - The short answer is that to move to a domain, you will either have to add a new server or re-format your existing NT server. Domains need a &quot;Primary Domain Controller&quot; to manage security and to generally keep track of the domain. A server has to be built from the ground up as a domain controller or as a member server and can't be changed without a rebuild. You are in workgroup mode which means it was built as a member server.

There's also a lot of changes that have to happen in how you deal with user accounts and how people's computers are setup.

This is a lot of work and is totally destructive of the data on the server. If you're not network-savy, you're probably better off to hire someone to come in and do it for you. It's a pretty major upgrade and involves a lot of different changes that aren't quite so obvious.


You do not, however, have to be in a domain structure to go to the Internet - You're probably confusing internet domains &quot;xxx.com&quot; with NT domains - Two different animals that aren't at all related. Any network can be on the Internet, regardless of how it's built.

- Garion
 
true there are more factors involved in creating a NT network...like licensing...adminstratoring usernames...security...
 
Duhh, mea culpa: Garion is right on target: NT4 servers must be built as DC's, whereas W2K ones don't have to be. So his comments are the most accurate as to the amount of work involved in making this happen.

--Woodie

PS: I knew that!
 
hmmm....sounds like alot of work and/or money. Right now I'm on a limited budget, so I guess I'll have to keep it unchanged for the time being.

I guess one thing I need to do to increase security is to take away the administrative privileges from the workstations. I'm wanting to restrict the user from installing software, but when I tried this with a few workstations I was still able to install and use software on those systems. Is there something I'm missing or doing incorrectly? I thought if I took away the administrator privileges, I would not be able to install the software.

Thanks for your help guys!
 
Some apps require admin rights to install on an NT 4 workstation, others don't. Just luck of the draw.

There are a LOT of registry hacks you can do to keep people from doing a lot of the bad things to a PC. You can lock it down extremely tightly - Take away the run menu item, don't show the desktop, even hide the start menu and just show 'em a generic toolbar like Office.

In general, however, it's better just to let 'em be. If the break their PC's by doing something stupid, get your boss to charge their department for the extra work they put you through.

Another thing you can do to ease administration is to build each workstation once &quot;perfectly&quot; then use Ghost to create an image file. Most of the time, these are small enough to fit on a CD. When they screw up their computer, slap the CD in, boot to DOS with a CD driver run Ghost and re-image it back to perfection. Just make sure that you get all the data off of it first or, better yet, make them save anything important to the network, not to their local hard drive.

- Jason
 
The ghost idea is pretty good. That's what we do, except we build a fully loaded workstation, with all the applications, run sysprep, and then put the image onto a server.

One boot diskette, w/ lan drivers, gets you to the ghost share, and we burn the image across the lan.

Be careful of ghost &amp; NT4--each machine is supposed to have a unique SID, so ghosting multiple machines may be a problem. I think they may have fixed that in a more recent version of ghost. We use W2K now, so it's not an issue for us.

--Woodie
 
You could research Linux if you want to get around the cost, but I'm sure the time you spend will go way up, perhaps surpassing the cost of MS software.. I do remember seeing a setting in Samba (the Linux program for Windows networking) that let it act as a domain server. Hmmmm.
 
If you use Ghost...there is a multicast program that comes with it. U can setup a server and create multiple images on the workstations at once. But you need to run the program ghostwalker to create new SIDs. We use it here and it works great.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top