0

I have a Windows Server 2012 machine joined to a domain, and I am going to migrate it to also become a Domain Controller for my domain that will have Remote Desktop Services.

What would happen to the local users that were created on this machine? Would they be able to log in with Remote Desktop after I add the Domain Controller? And if I also add Remote Desktop Services?

marek
  • Don't deploy anything onto a Domain Controller other than DNS. Use a separate server for RDS. – MDMarra Nov 17 '17 at 18:36
  • Is it really bad to put RDS on a DC? – marek Nov 18 '17 at 15:36
  • Yes, putting anything on a DC is generally a bad idea, but RDS, doubly so. You should deploy RDS to a dedicated server or server farm depending on size and hardware requirements. – MDMarra Nov 18 '17 at 16:48

1 Answer

1

Nope. No local users for DCs. You will have to use a domain account to manage the DC.

strongline
  • But will they survive propagation? Will I be able to log in to the AD DC with a local account that was created pre-propagation? – marek Nov 17 '17 at 18:56
  • It won't. DCs don't have local accounts. – strongline Nov 17 '17 at 19:05
  • The local SAM is disabled during the promotion process. Local accounts are still "there", but since the SAM doesn't work it won't let you use them. The only account that can technically log on locally is the original administrator of your domain, and that can be done in Directory Services Restore Mode (DSRM). – Kyp Nov 18 '17 at 19:58
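
Since the answer and comments above say local accounts stop being usable once the server is promoted, an inventory taken beforehand shows which users will need domain accounts and which of them currently have Remote Desktop or administrative access. The script below is an added example, not code from any of the posts; it assumes an elevated PowerShell 3.0 or later session on the member server, English built-in group names, and a hypothetical CSV file name.

```powershell
# Added example: inventory local accounts BEFORE promoting this server to a DC.
# Assumptions: PowerShell 3.0+ (Windows Server 2012), elevated session,
# English built-in group names, output file name chosen for illustration.
$computer = $env:COMPUTERNAME

function Get-LocalGroupMemberPath {
    param([string]$GroupName)
    # The WinNT ADSI provider returns members as COM objects; read ADsPath from each.
    $group = [ADSI]"WinNT://$computer/$GroupName,group"
    foreach ($m in @($group.psbase.Invoke('Members'))) {
        $m.GetType().InvokeMember('ADsPath', 'GetProperty', $null, $m, $null)
    }
}

function Get-LocalMemberName {
    param([string]$GroupName)
    # Local principals have this computer's name in their path;
    # domain principals (WinNT://DOMAIN/name) do not and are skipped.
    Get-LocalGroupMemberPath $GroupName |
        Where-Object { $_ -like "*/$computer/*" } |
        ForEach-Object { ($_ -split '/')[-1] }
}

$admins = @(Get-LocalMemberName 'Administrators')
$rdp    = @(Get-LocalMemberName 'Remote Desktop Users')

# LocalAccount=True keeps WMI from enumerating every account in the domain.
$report = Get-CimInstance Win32_UserAccount -Filter "LocalAccount=True" |
    ForEach-Object {
        [pscustomobject]@{
            Name              = $_.Name
            Enabled           = -not $_.Disabled
            # Administrators can also log on through Remote Desktop by default.
            LocalAdmin        = $admins -contains $_.Name
            RemoteDesktopUser = $rdp -contains $_.Name
            SID               = $_.SID
        }
    }

$report | Sort-Object Name | Format-Table -AutoSize
$report | Export-Csv ".\local-accounts-$computer.csv" -NoTypeInformation
```

Every enabled account flagged as `LocalAdmin` or `RemoteDesktopUser` is one whose owner needs an equivalent domain account before the promotion.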