1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Terminal server

Discussion in 'Networking' started by beecher1, Mar 31, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. beecher1

    beecher1 Thread Starter

    Joined:
    Jan 16, 2008
    Messages:
    9
    Can I add terminal server role to my domain controller? The domain contoller only holds the files of the folks in the active directory. No databases run on this computer.
    As of now the DC will only allow just the two administrative log ins and I have setup the terminal services licenses for 150 users on another computer in the domain.

    Thanks.
     
  2. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,984
    Yes. By default, the terminal server is locked down to two administrative logins. You just need to update the license on your domain controller to get more functional logins.
     
  3. rhynes

    rhynes

    Joined:
    Aug 14, 2006
    Messages:
    916
    Yes as long as you're not running 2003 SBS... However it's not a recommended practice - the reason MS took TS of the SBS 2003. How are you currently set up for remote access? Through port forwarding or vpn or is it just local office access?
     
  4. beecher1

    beecher1 Thread Starter

    Joined:
    Jan 16, 2008
    Messages:
    9
    local office access. the powers that be decided that pc are too costly for staff who do not use the harddrives only the server to save their data in a file. the DC is using server 2003.
     
  5. beecher1

    beecher1 Thread Starter

    Joined:
    Jan 16, 2008
    Messages:
    9
    how do i upadate the license if i loaded the license on another computer in the domain?
     
  6. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,984
    I don't understand what you mean by "pc are too costly for staff who do not use the harddrives only the server to save their data in a file." A fileserver will fix this problem.

    As to how to update the license if it's already loaded on another computer, you don't. You have to purchase a new license. Or unload that license and transfer it to the DC. Still don't understand why terminal services is needed for your business situation.
     
  7. rhynes

    rhynes

    Joined:
    Aug 14, 2006
    Messages:
    916
    Let's look at some reasons NOT to run Terminal services on a domain controller:

    - Forwarding ports to a domain controller from the internet is never a great idea, if that's what you want.
    - requires that you grant "Log on locally" permissions on your domain controller, you'll be relaxing security on your overall network to do this. You'll have to be sure to change ALL of the permissions to folders, by default, any user logged into terminal services will have access to everything.
    - Performance is a big one, it will suffer - how many users will terminal services support and how big is your server, can it handle the extreme load?
    - Never put all your eggs in one basket.
    - How will you control surfing on the DC through terminal services? Remember, if someone is surfing "high risk" sites from your DC, you will suffer the consequences... It'll be cheaper to buy new computers rather than face the cleanup after a virus and a hacker. Think of the data on your server, and what it means if it falls into the wrong hands.

    Ask your bosses what the cost of their data is, how much will it cost to replace it.
     
  8. beecher1

    beecher1 Thread Starter

    Joined:
    Jan 16, 2008
    Messages:
    9
    We only have the two servers. There will be 100 users on the DC and we added 8 gigs of ram to the DC for the users. The hp thin client has a setup where u only allow users access to certain folders. The users only have folders with their own personal files in them located on the DC but they does use the internet for one case management program and the thin client allows users to telnet to the WAN in Raleigh. The users will not admin rights so how can they have access to all the folders on the DC? Rights don't change with the advent of using TS does it?

    We went with thin clients because the county does not have the money for new pcs and the users need new equipment. The other server is 4 years old and holds the TS license. I know added folks to the DC was dangerous but i really don't have a choice. I have to have the thin clients in place by July 1.
     
  9. rhynes

    rhynes

    Joined:
    Aug 14, 2006
    Messages:
    916
    2003 standard will only handle up to 4 gigs of ram if that's what you have. You'll need enterprise or other to use more ram. Check under the system icon in control panel to see how much ram is being picked up. If it's only picking up 3 gigs (that's normal) then you'll need the /pae switch in the boot.ini file.

    Without installing terminal server, create a basic user for remote access and check what users have access to what folders. It's not just administrator logins with the 2 logins.

    It's doable, just not a recommended practice.
     
  10. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/698907

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice