XP computers in W2K domain

  • Thread starter Thread starter Phil Hunt
  • Start date Start date
P

Phil Hunt

I have a bunch of XP Prof PC in an W2K managed domain. I set up 1 user
account on each PC. Everything works fine. THe trouble is the users
sometimes play musical chairs and want to use other PC and find that they
cannot use their account to log into the domain. They used to be able to do
that with NT. Is this something new with XP, if so is there a easy way to
set up an account so they can log into a doamin from any computers that has
already joined the domain. (I actually ghosted these machine, if it makes
any diff).

TIA
 
There is NO reason to create a a user on each PC. The PC needs to be added
to the Domain and the Domain users then logon to any PC that is a Domain
member. I suggest that you make the "Domain Users" group a member of the
local Administrors group of each PC.

To add a WinXP or Win2K PC to the Domain you need to have Domain
Administration rights. On WinXP --
Right Click on "My Computer".
Choose "Properties"
Choose "Computer name" then "Change"
Choose "member of Domain"
Enter the Domain name the use a Domain Administrtor account to add the PC to
the Domain.
Reboot
Logon to the Domain not the local PC.

Dave
 
Thanks. I did what you described on the FIRST computer, set up all the stuff
and GHOST the rest. Maybe I need to do the Join Domain thing specifically
again.

THanks
 
Phil:

Good. That's the way to do it ! However, I feel you left out a few parts.

When you setup the fiirst PC. Logon as yourself say account 'phil'.
Install all the software that will be common to all the platforms and users.
Configure all aspects of the platforms. Do this right down to the Desktop,
sceensaver, fonts, everything.

Once done, logon as 'administrtor' and copy the 'phil' profile to the
'default user' profile.

Once done, logon as 'phil' and remove the 'administrator' profile.

Once done, Sysprep the platform with "mini setup" option checked and choose
"reseal".

Once done, create the Ghost image.

One done, restore the Ghost image to the destination platforms. If you are
using Ghost Enterprise you can use MultiCast IP and restore one image to
*many* computers over the LAN at the same time.

One done, reboot each PC (one at a time) and the mini-wizard setup program
will run. If you use a sysprep.inf file certain functions will be automated.
If you don't the mini-wizard will prompt you for the WinXP Key-Code,
administrator password and Machine Name, IP stack, and to join a Domain or
Workgroup. You would join the Domain using the Administrative account. When
that PC is done it will be ready to logon to the Domain and will be unique to
the LAN.

If you FAILED to Sysprep the platform and the Ghosted the platform, you will
have a SID problem. It sounds like you need to go to EACH PC and manually
add each into the Domain becuase I have the feeling you did not Sysprep the
source Ghost platform.

Dave
 
You are right that I did not follow the sysprep and all that. When I go back
and re-join the computer to the Domain, everything should be fine and dandy,
right ????
 
Phil said:
I have a bunch of XP Prof PC in an W2K managed domain. I set up 1 user
account on each PC. Everything works fine. THe trouble is the users
sometimes play musical chairs and want to use other PC and find that they
cannot use their account to log into the domain. They used to be able to do
that with NT. Is this something new with XP, if so is there a easy way to
set up an account so they can log into a doamin from any computers that has
already joined the domain. (I actually ghosted these machine, if it makes
any diff).
Click to expand...
Hi

Here is a copy of what I posted lats time you asked this question:


Here is my suggestion:

1)
Remove the local accounts you have created.

2)
Let each user get a domain user account.

3)
Add "NT Authority\Interactive" to one of the local groups
(Administrators, Power Users, or Users) on each computer.

We add "NT Authority\Interactive" in the local Administrators
group to let all domain users automatically be local admins
when they log on to a domain computer interactively.

This is more secure than adding "Authenticated Domain users ",
"Domain Users" or "NT AUTHORITY\Authenticated Users" because you
avoid the issue with cross network admin rights (remote access)
that these groups introduces.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

XP computer in W2K domain 3
Default 3
Problem migrating local profiles to domain profiles on XP 2
domain/non-domain setup for "conference room computer" 2
Problem joining domain 3
"Windows cannot load the locally stored profile" for a domain user 4
How to move user profile from one domain to another 5
What I get if I connect XP Home to Domain? 2

Back
Top