Windows 2000 member server Vs Additional Domain Controllero

[proser]

hi all ,
I want to add a member server to my existing DC which is also windows 2000 server for the purpose of installing some specific software.
How to install a member server on the domain.Does a member server contain Active Directory? If so how is it different from an Additional Domain Controller?I want to be able to see all the active directory users and computers on the new member server.
Is it possible to achieve this ?

thanks in advance.

 

[Seaspray0]

To make it a member server, install server 2000 on it. Join it to the domain like you would a workstation. done. Member servers don't contain active directory. You give access like you would on the server. As long as it's joined to the domain, you can give access to domain users/groups found on the domain controller to files and folders on the member server. You won't need to create a bunch of accounts, your existing domain controller does the authentication work for the member server.

NOTE: you can basically use 2000 pro like a member server, but it will only accept 10 connections and you don't have the ability to use services like RRAS or terminal services that don't exist in pro.

Advantage: security-safer than a DC in the DMZ (you should never put a DC in the DMZ); or can be used to isolate services (or software) like remote access, terminal services (would really like terminal services to be on a member server for security reasons), Certificate Authority, Web server, etc. speed-less overhead processes to deal with; less replication traffic between controllers on the network. less administration-one less DC to deal with. You could even use dynamic dns on the member server to get it's ip address like the clients do.

Dissadvantage: Should have more than one DC on your network to improve reliability (or backup alot). Improves authentication performance for an overworked Domain Controller.

 

[Claudek]

As mentioned above, setting up a member server is just the same as a workstaion, only difference being the OS is Windows Server 2000.
It is always good to have at least 2 Domain Controllers in case one fails (especially if it the first DC which normally holds all the master roles for the domain by edfault). It is quite easy then to just transfer the roles to the other DC while you work at restoring data etc on the DC that failed. If you wish to make a Windows 2000 server an additional domain controller, it can be done straight after install, or you can make it a member server and promote it later. Either way, the command is the same, ie you type DCPROMO in your run bar and go through the Wizard. It will ask you questions like, "Is this the 1st DC?", "Is this going to be an additional DC?", etc which is quite easy to setup.

You cannot manage a domain through a member server by default. Ie, you cannot administer Active Directory users and computers. However, you can install the adminpak which can be found on your server CD, and latest service pack. This will give you the ability to do administrative tasks without having to promote the server to a DC. Note that you can install the adminpak on a Windows 2K professional as well.

Hope that's some info to work with.



Claudius (What certifications??)

http://www.iteq.com.au