Jump to content

Remove Server from Domain and Rejoin, Implications?

Guest Karl Burrows

By Guest Karl Burrows
in Windows 2003 Server

 Share

Recommended Posts

Guest Karl Burrows

Guest Karl Burrows

Posted
Posted

I have been advised by Citrix in order to repair an installation of their

Presentation Server to remove this server from the domain and rejoin it to

clear an error I am having with this installation. This is not the DC, but

it is our primary file and print server. What are the implications of

removing this server? Will I lose shares, user permissions, mapped network

drives, etc? If not, is there a preferred way of doing this with the least

loss of network settings?

 

Thanks!

  • Replies 10
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Nightlegend

Guest Nightlegend

Posted
Posted

Re: Remove Server from Domain and Rejoin, Implications?

 

Nothing will be affected ,some time ago I have disjoined the ISA server from

the domain and rejoined it ,nothing were affected ,it's still unexplained to

me how come that the ultimate solution for many of the domain problems is to

dis/rejoin the affected client/server to domain and why it happens in the

first place.

 

Just be cautionery ,backup everything before doing so.

Best regards

"Karl Burrows" <karl@spamnospamyourbeacon.com> wrote in message

news:OQSnqEJaIHA.4172@TK2MSFTNGP02.phx.gbl...

>I have been advised by Citrix in order to repair an installation of their

>Presentation Server to remove this server from the domain and rejoin it to

>clear an error I am having with this installation. This is not the DC, but

>it is our primary file and print server. What are the implications of

>removing this server? Will I lose shares, user permissions, mapped network

>drives, etc? If not, is there a preferred way of doing this with the least

>loss of network settings?

>

> Thanks!

>

Guest Lanwench [MVP - Exchange]

Guest Lanwench [MVP - Exchange]

Posted
Posted

Re: Remove Server from Domain and Rejoin, Implications?

 

Karl Burrows <karl@spamnospamyourbeacon.com> wrote:

> I have been advised by Citrix in order to repair an installation of

> their Presentation Server to remove this server from the domain and

> rejoin it to clear an error I am having with this installation. This

> is not the DC, but it is our primary file and print server. What are

> the implications of removing this server? Will I lose shares, user

> permissions, mapped network drives, etc? If not, is there a

> preferred way of doing this with the least loss of network settings?

>

> Thanks!

 

I wouldn't do it - you may have to do a lot of fixing up permissions

afterwards.

 

I'd also have to question their insistence that disjoining/rejoining will

help, frankly.

 

I'm not a Citrix expert, but it would seem to me that this server role would

best be put on another dedicated server in the domain anyway. My $.02.

Guest Karl Burrows

Guest Karl Burrows

Posted
Posted

Re: Remove Server from Domain and Rejoin, Implications?

 

 

"Lanwench [MVP - Exchange]"

<lanwench@heybuddy.donotsendme.unsolicitedmailatyahoo.com> wrote in message

news:uaMozuMaIHA.1212@TK2MSFTNGP05.phx.gbl...

> Karl Burrows <karl@spamnospamyourbeacon.com> wrote:

>> I have been advised by Citrix in order to repair an installation of

>> their Presentation Server to remove this server from the domain and

>> rejoin it to clear an error I am having with this installation. This

>> is not the DC, but it is our primary file and print server. What are

>> the implications of removing this server? Will I lose shares, user

>> permissions, mapped network drives, etc? If not, is there a

>> preferred way of doing this with the least loss of network settings?

>>

>> Thanks!

>

> I wouldn't do it - you may have to do a lot of fixing up permissions

> afterwards.

>

> I'd also have to question their insistence that disjoining/rejoining will

> help, frankly.

>

> I'm not a Citrix expert, but it would seem to me that this server role

> would best be put on another dedicated server in the domain anyway. My

> $.02.

>

 

Apparently, this is some kind of disjoin in a logging file they asked me to

run. It is trying to use a local account for the services instead of a

domain admin account, so the configuration is buggy and my .NET keeps

crashing. Citrix does not have the right credentials to join to the AD, so

account permissions, etc. are affected.

 

I seem to be getting conflicting information on the results and effect of

leaving and re-joining a domain. The SID for both the local computer and

the domain shouldn't change, so I would think permissions, etc. should not

be affected. Could I also use SHOWACLS to backup my permissions?

 

It was originally a DC, but was demoted in order to install Citrix. We only

have 2 servers in our network, so having a stand-alone server dedicated to

Citrix is not feasible at this point. We are using the Access Essentials,

which is a scaled down version of Presentation Server for smaller groups.

We have 8 remote users that only use it occasionally to run accounting

reports or pull files, so at this point, it wasn't cost justified to add

another server with the specs needed to run Citrix.

 

Thanks!

Guest Lanwench [MVP - Exchange]

Guest Lanwench [MVP - Exchange]

Posted
Posted

Re: Remove Server from Domain and Rejoin, Implications?

 

Karl Burrows <karl@spamnospamyourbeacon.com> wrote:

 

<snip>

> Apparently, this is some kind of disjoin in a logging file they asked

> me to run. It is trying to use a local account for the services

> instead of a domain admin account,

 

OK - but that shouldn't be a problem. Or, you should be able to specify a

domain account for the services to use, surely.

> yso the configuration is buggy and

> my .NET keeps crashing. Citrix does not have the right credentials

> to join to the AD,

 

Not quite sure what that means.

> so account permissions, etc. are affected.

>

> I seem to be getting conflicting information on the results and

> effect of leaving and re-joining a domain. The SID for both the

> local computer and the domain shouldn't change, so I would think

> permissions, etc. should not be affected.

 

But the permissions set on your files are for your domain users, not local

accounts - when you aren't part of the domain, I'm pretty sure those will

disappear.

> Could I also use SHOWACLS

> to backup my permissions?

 

I'm honestly not sure. I would just plan for plenty of cleanup time if

things go pear-shaped. Do a full backup (using NTBackup or something else

that includes security) just in case.

>

> It was originally a DC, but was demoted in order to install Citrix. We

> only have 2 servers in our network, so having a stand-alone server

> dedicated to Citrix is not feasible at this point.

 

I'd have bought one - it doesn't need to be a high-end box. And then you'd

still have two DCs - which is a good thing. Just my $.02

> We are using the

> Access Essentials, which is a scaled down version of Presentation

> Server for smaller groups. We have 8 remote users that only use it

> occasionally to run accounting reports or pull files, so at this

> point, it wasn't cost justified to add another server with the specs

> needed to run Citrix.

> Thanks!

Guest kj [SBS MVP]

Guest kj [SBS MVP]

Posted
Posted

Re: Remove Server from Domain and Rejoin, Implications?

 

Lanwench [MVP - Exchange] wrote:

> Karl Burrows <karl@spamnospamyourbeacon.com> wrote:

>

> <snip>

>

>> Apparently, this is some kind of disjoin in a logging file they asked

>> me to run. It is trying to use a local account for the services

>> instead of a domain admin account,

>

> OK - but that shouldn't be a problem. Or, you should be able to

> specify a domain account for the services to use, surely.

>

>> yso the configuration is buggy and

>> my .NET keeps crashing. Citrix does not have the right credentials

>> to join to the AD,

>

> Not quite sure what that means.

>

>> so account permissions, etc. are affected.

>>

>> I seem to be getting conflicting information on the results and

>> effect of leaving and re-joining a domain. The SID for both the

>> local computer and the domain shouldn't change, so I would think

>> permissions, etc. should not be affected.

>

> But the permissions set on your files are for your domain users, not

> local accounts - when you aren't part of the domain, I'm pretty sure

> those will disappear.

 

Pretty sure they won't LW. Just like the domain profiles they'll have the

domain users sid for owner / permissions.

 

Rejoin to the same domain and all should be fine with permissions and such.

 

>

>> Could I also use SHOWACLS

>> to backup my permissions?

>

> I'm honestly not sure. I would just plan for plenty of cleanup time if

> things go pear-shaped. Do a full backup (using NTBackup or something

> else that includes security) just in case.

>>

>> It was originally a DC, but was demoted in order to install Citrix.

>> We only have 2 servers in our network, so having a stand-alone server

>> dedicated to Citrix is not feasible at this point.

>

> I'd have bought one - it doesn't need to be a high-end box. And then

> you'd still have two DCs - which is a good thing. Just my $.02

>

>> We are using the

>> Access Essentials, which is a scaled down version of Presentation

>> Server for smaller groups. We have 8 remote users that only use it

>> occasionally to run accounting reports or pull files, so at this

>> point, it wasn't cost justified to add another server with the specs

>> needed to run Citrix.

>> Thanks!

 

--

/kj

Guest Saral6978

Guest Saral6978

Posted
Posted

Re: Remove Server from Domain and Rejoin, Implications?

 

I agree with this statement: <I'd have bought one - it doesn't need to be

a high-end box. And then you'd still have two DCs - which is a good thing.

Just my $.02>

 

Using your only file server as the Citrix server, I don't think, is the best

option. You really should look at getting a lower-end server that you can

dedicate strictly to Citrix and running the user applications. I have 2

dedicated servers (one is for the most part a backup). At least I know that

if I have problems with my Citrix server, it's not going to affect my users'

access to any of their files (for those not using Citrix, that is). I guess

though, it depends on your situation and your company's budget, but you should

seriously consider the cons of not having a dedicated server for this application.

 

Also, you should be able to specify an account to run your Citrix services.

The installation is not asking you what account you'd like to use? Seems

a little strange. I wouldn't disjoin and rejoin, either, unless you simply

have no choice, and like it was said below, definitely give yourself plenty

of time to fix everything should this go in the wrong direction. I just

find it funny that some of these 3rd party tech support people can just say

"Oh, just disjoin and rejoin the server to the domain" and act as if it is

no big deal, because in my opinion, it is. In almost ALL cases there is

another way to resolve the problem.

 

> Karl Burrows <karl@spamnospamyourbeacon.com> wrote:

>

> <snip>

>

>> Apparently, this is some kind of disjoin in a logging file they asked

>> me to run. It is trying to use a local account for the services

>> instead of a domain admin account,

>>

> OK - but that shouldn't be a problem. Or, you should be able to

> specify a domain account for the services to use, surely.

>

>> yso the configuration is buggy and

>> my .NET keeps crashing. Citrix does not have the right credentials

>> to join to the AD,

> Not quite sure what that means.

>

>> so account permissions, etc. are affected.

>>

>> I seem to be getting conflicting information on the results and

>> effect of leaving and re-joining a domain. The SID for both the

>> local computer and the domain shouldn't change, so I would think

>> permissions, etc. should not be affected.

>>

> But the permissions set on your files are for your domain users, not

> local accounts - when you aren't part of the domain, I'm pretty sure

> those will disappear.

>

>> Could I also use SHOWACLS

>> to backup my permissions?

> I'm honestly not sure. I would just plan for plenty of cleanup time if

> things go pear-shaped. Do a full backup (using NTBackup or something

> else that includes security) just in case.

>

>> It was originally a DC, but was demoted in order to install Citrix.

>> We only have 2 servers in our network, so having a stand-alone server

>> dedicated to Citrix is not feasible at this point.

>>

> I'd have bought one - it doesn't need to be a high-end box. And then

> you'd still have two DCs - which is a good thing. Just my $.02

>

>> We are using the

>> Access Essentials, which is a scaled down version of Presentation

>> Server for smaller groups. We have 8 remote users that only use it

>> occasionally to run accounting reports or pull files, so at this

>> point, it wasn't cost justified to add another server with the specs

>> needed to run Citrix.

>> Thanks!

Guest Lanwench [MVP - Exchange]

Guest Lanwench [MVP - Exchange]

Posted
Posted

Re: Remove Server from Domain and Rejoin, Implications?

 

kj [sBS MVP] <KevinJ.SBS@SPAMFREE.gmail.com> wrote:

> Lanwench [MVP - Exchange] wrote:

>> Karl Burrows <karl@spamnospamyourbeacon.com> wrote:

>>

>> <snip>

>>

>>> Apparently, this is some kind of disjoin in a logging file they

>>> asked me to run. It is trying to use a local account for the

>>> services instead of a domain admin account,

>>

>> OK - but that shouldn't be a problem. Or, you should be able to

>> specify a domain account for the services to use, surely.

>>

>>> yso the configuration is buggy and

>>> my .NET keeps crashing. Citrix does not have the right credentials

>>> to join to the AD,

>>

>> Not quite sure what that means.

>>

>>> so account permissions, etc. are affected.

>>>

>>> I seem to be getting conflicting information on the results and

>>> effect of leaving and re-joining a domain. The SID for both the

>>> local computer and the domain shouldn't change, so I would think

>>> permissions, etc. should not be affected.

>>

>> But the permissions set on your files are for your domain users, not

>> local accounts - when you aren't part of the domain, I'm pretty sure

>> those will disappear.

>

> Pretty sure they won't LW. Just like the domain profiles they'll have

> the domain users sid for owner / permissions.

 

You may be right - but I'd still err on the side of caution, and I'd still

use another server (perhaps virtual) and I'd still be pissed at Citrix

support for suggesting that this was the way to "fix" it. ;-)

 

>

> Rejoin to the same domain and all should be fine with permissions and

> such.

>

>>

>>> Could I also use SHOWACLS

>>> to backup my permissions?

>>

>> I'm honestly not sure. I would just plan for plenty of cleanup time

>> if things go pear-shaped. Do a full backup (using NTBackup or

>> something else that includes security) just in case.

>>>

>>> It was originally a DC, but was demoted in order to install Citrix.

>>> We only have 2 servers in our network, so having a stand-alone

>>> server dedicated to Citrix is not feasible at this point.

>>

>> I'd have bought one - it doesn't need to be a high-end box. And then

>> you'd still have two DCs - which is a good thing. Just my $.02

>>

>>> We are using the

>>> Access Essentials, which is a scaled down version of Presentation

>>> Server for smaller groups. We have 8 remote users that only use it

>>> occasionally to run accounting reports or pull files, so at this

>>> point, it wasn't cost justified to add another server with the specs

>>> needed to run Citrix.

>>> Thanks!

Guest kj [SBS MVP]

Guest kj [SBS MVP]

Posted
Posted

Re: Remove Server from Domain and Rejoin, Implications?

 

Lanwench [MVP - Exchange] wrote:

> kj [sBS MVP] <KevinJ.SBS@SPAMFREE.gmail.com> wrote:

>> Lanwench [MVP - Exchange] wrote:

>>> Karl Burrows <karl@spamnospamyourbeacon.com> wrote:

>>>

>>> <snip>

>>>

>>>> Apparently, this is some kind of disjoin in a logging file they

>>>> asked me to run. It is trying to use a local account for the

>>>> services instead of a domain admin account,

>>>

>>> OK - but that shouldn't be a problem. Or, you should be able to

>>> specify a domain account for the services to use, surely.

>>>

>>>> yso the configuration is buggy and

>>>> my .NET keeps crashing. Citrix does not have the right credentials

>>>> to join to the AD,

>>>

>>> Not quite sure what that means.

>>>

>>>> so account permissions, etc. are affected.

>>>>

>>>> I seem to be getting conflicting information on the results and

>>>> effect of leaving and re-joining a domain. The SID for both the

>>>> local computer and the domain shouldn't change, so I would think

>>>> permissions, etc. should not be affected.

>>>

>>> But the permissions set on your files are for your domain users, not

>>> local accounts - when you aren't part of the domain, I'm pretty sure

>>> those will disappear.

>>

>> Pretty sure they won't LW. Just like the domain profiles they'll have

>> the domain users sid for owner / permissions.

>

> You may be right - but I'd still err on the side of caution, and I'd

> still use another server (perhaps virtual) and I'd still be pissed at

> Citrix support for suggesting that this was the way to "fix" it. ;-)

 

Yep, CYA with backup, backup, backup.

 

Ditto on the Citrix support.

>

>

>>

>> Rejoin to the same domain and all should be fine with permissions and

>> such.

>>

>>>

 

--

/kj

Guest Karl Burrows

Guest Karl Burrows

Posted
Posted

Re: Remove Server from Domain and Rejoin, Implications?

 

 

"kj [sBS MVP]" <KevinJ.SBS@SPAMFREE.gmail.com> wrote in message

news:uAr8pJhaIHA.1208@TK2MSFTNGP05.phx.gbl...

> Lanwench [MVP - Exchange] wrote:

>> kj [sBS MVP] <KevinJ.SBS@SPAMFREE.gmail.com> wrote:

>>> Lanwench [MVP - Exchange] wrote:

>>>> Karl Burrows <karl@spamnospamyourbeacon.com> wrote:

>>>>

>>>> <snip>

>>>>

>>>>> Apparently, this is some kind of disjoin in a logging file they

>>>>> asked me to run. It is trying to use a local account for the

>>>>> services instead of a domain admin account,

>>>>

>>>> OK - but that shouldn't be a problem. Or, you should be able to

>>>> specify a domain account for the services to use, surely.

>>>>

>>>>> yso the configuration is buggy and

>>>>> my .NET keeps crashing. Citrix does not have the right credentials

>>>>> to join to the AD,

>>>>

>>>> Not quite sure what that means.

>>>>

>>>>> so account permissions, etc. are affected.

>>>>>

>>>>> I seem to be getting conflicting information on the results and

>>>>> effect of leaving and re-joining a domain. The SID for both the

>>>>> local computer and the domain shouldn't change, so I would think

>>>>> permissions, etc. should not be affected.

>>>>

>>>> But the permissions set on your files are for your domain users, not

>>>> local accounts - when you aren't part of the domain, I'm pretty sure

>>>> those will disappear.

>>>

>>> Pretty sure they won't LW. Just like the domain profiles they'll have

>>> the domain users sid for owner / permissions.

>>

>> You may be right - but I'd still err on the side of caution, and I'd

>> still use another server (perhaps virtual) and I'd still be pissed at

>> Citrix support for suggesting that this was the way to "fix" it. ;-)

>

> Yep, CYA with backup, backup, backup.

>

> Ditto on the Citrix support.

>

>>

>>

>>>

>>> Rejoin to the same domain and all should be fine with permissions and

>>> such.

>>>

>>>>

>

> --

> /kj

>

 

I totally agree with everyone's suggestion, but the specs Citrix initially

required meant much more than a low end server. Unfortunately, this is the

learning curve I have been going through with this box. I find that Citrix

uses less resources than they seemed to indicate and could run on a smaller

server with a minimal configuration with maybe a bump in RAM. As my first

Citrix installation, it is a valuable lesson learned.

 

I also agree with the thought of Citrix just saying "remove the serve from

the domain and rejoin and all will be well." I manage about 15 servers for

several small businesses (most single server domains). I am by no means an

expert, but I at least know that just being instructed to do something is

not necessarily the best course of action. I think the process of

removing/rejoining a domain in theory should be a simple process as long as

it is done properly with no changes in configuration between the dis-join

and reconnection, but most of the time nothing goes simply with servers.

There are too many other processes dependent on some of the same services,

profiles, permissions, etc. and a fix for one application may create a

disjoin for another, especially since the issue deals with user permissions

and .NET framework.

 

Citrix actually works, I just am not able to view the admin modules and have

consistent .NET errors. Other the other issues I was having were due to

their lack of documentation regarding a rollup and hot fixes that didn't

apply to this version (however, for over a year, they published that it was

and recommended the updates in their KB!). I was able to work through those

leaving just a few issues to resolve.

 

I do have a feeling, however, that eventually removing it from the domain

and rejoining may fix most of my issues. It appears that when this server

was demoted, it left several remnants. I read after the demotion, there was

an issue with a Symantec folder with the same name as a Windows folder that

would create conflicts in the dcpromo.

 

I may actually just uninstall and reinstall the application and see if that

resets the user account and then decide if I need to remove it from the

domain then.

 

Thanks!

Guest Karl Burrows

Guest Karl Burrows

Posted
Posted

Re: Remove Server from Domain and Rejoin, Implications?

 

I agree that another server should be used, but it just wasn't feasible at

the time and the specs Citrix gave made it unreasonable to add it.

 

See my post under lanwrench for a more detailed response. Thanks!

 

"Saral6978" <sloberg@tlccompanies.com> wrote in message

news:28ab41d19d288ca378d37ffb91d@msnews.microsoft.com...

>I agree with this statement: <I'd have bought one - it doesn't need to be

>a high-end box. And then you'd still have two DCs - which is a good thing.

>Just my $.02>

>

> Using your only file server as the Citrix server, I don't think, is the

> best option. You really should look at getting a lower-end server that

> you can dedicate strictly to Citrix and running the user applications. I

> have 2 dedicated servers (one is for the most part a backup). At least I

> know that if I have problems with my Citrix server, it's not going to

> affect my users' access to any of their files (for those not using Citrix,

> that is). I guess though, it depends on your situation and your company's

> budget, but you should seriously consider the cons of not having a

> dedicated server for this application.

>

> Also, you should be able to specify an account to run your Citrix

> services. The installation is not asking you what account you'd like to

> use? Seems a little strange. I wouldn't disjoin and rejoin, either,

> unless you simply have no choice, and like it was said below, definitely

> give yourself plenty of time to fix everything should this go in the wrong

> direction. I just find it funny that some of these 3rd party tech support

> people can just say "Oh, just disjoin and rejoin the server to the domain"

> and act as if it is no big deal, because in my opinion, it is. In almost

> ALL cases there is another way to resolve the problem.

>

>

>> Karl Burrows <karl@spamnospamyourbeacon.com> wrote:

>>

>> <snip>

>>

>>> Apparently, this is some kind of disjoin in a logging file they asked

>>> me to run. It is trying to use a local account for the services

>>> instead of a domain admin account,

>>>

>> OK - but that shouldn't be a problem. Or, you should be able to

>> specify a domain account for the services to use, surely.

>>

>>> yso the configuration is buggy and

>>> my .NET keeps crashing. Citrix does not have the right credentials

>>> to join to the AD,

>> Not quite sure what that means.

>>

>>> so account permissions, etc. are affected.

>>>

>>> I seem to be getting conflicting information on the results and

>>> effect of leaving and re-joining a domain. The SID for both the

>>> local computer and the domain shouldn't change, so I would think

>>> permissions, etc. should not be affected.

>>>

>> But the permissions set on your files are for your domain users, not

>> local accounts - when you aren't part of the domain, I'm pretty sure

>> those will disappear.

>>

>>> Could I also use SHOWACLS

>>> to backup my permissions?

>> I'm honestly not sure. I would just plan for plenty of cleanup time if

>> things go pear-shaped. Do a full backup (using NTBackup or something

>> else that includes security) just in case.

>>

>>> It was originally a DC, but was demoted in order to install Citrix.

>>> We only have 2 servers in our network, so having a stand-alone server

>>> dedicated to Citrix is not feasible at this point.

>>>

>> I'd have bought one - it doesn't need to be a high-end box. And then

>> you'd still have two DCs - which is a good thing. Just my $.02

>>

>>> We are using the

>>> Access Essentials, which is a scaled down version of Presentation

>>> Server for smaller groups. We have 8 remote users that only use it

>>> occasionally to run accounting reports or pull files, so at this

>>> point, it wasn't cost justified to add another server with the specs

>>> needed to run Citrix.

>>> Thanks!

>

>

 Share
Go to topic listing
×
×
  • Create New...