My situation is I deployed a couple of domain controllers at some locations. My boss didn't want to spend money on servers, so I reused some servers we were not using.

I installed them as domain controllers and added DFSR replication to them. Everything is working fine; I am having no problems at all, and it has been working great for a year or more.

I am working on securing our AD and I am not using my domain admin credentials for anything anymore, just emergencies.

I noticed the other day I cannot add new folders and shares to the servers that are domain controllers, and I understand why I cannot. I added my dfsradmin AD group to delegation, but that did not take care of it. I am just trying to work with what I have.

What would be the simplest way to allow a non-domain admin to add folders and share them from this server that is a domain controller?

I know it would be best to separate them, but I can't at this point. All of the folders and shares are on a separate volume. This is also Server Core 2019.

Any suggestions?

Worst case scenario is we just add another server to each location with this setup, but I am seeing if I can work with what I have until we can do that.

178024
mild0d2

1 Answer

OK. So after more research I figured out that I should have made these read-only domain controllers. I'm just going to demote them and then add them back as RODCs.

mild0d2