Hello, I have been learning about windows server opperating systems recently as a hobby. I live in a big family where I want to set up internet sharing (which is mighty easy) but I would like to authenticate users.

Over the past weeks I've had problems setting up DNS and active directory to work. I have had it working a few times, but then I try some extra new add on that stuffs it all up completely.

At the moment I can't make windows 2000 server or windows server 2003 work with DNS and active directory.

The real question is, can someone please give me a simple guide to setting up a stand alone windows server os based log on server that can authenticate users and share internet to them?

I don't own any internet registered domains but I don't think it's neccisary. I would like to use lawton as a domain in any variation with .local or .com or .network.somethingelse as long as it works.

I'm pretty tech savvy with most computer stuff and network things, but DNS and active directory has got me stumped. Any help will be greatly appreciated.


Thanks

A AD and sharing internet are two separate things. An AD is a concept that allows the management of the files structure and security for a domain enviroment. In your title you say Workgroup, but a domain and workgroup are two different things.
Youneed ICS to share the internet and a domain to centralize login.

What you need is a 2003 MCSA cert book. This will guide you through the creation of each part of the network. It is perfect for your situation in which you basically have a working lab. You will also learn a lot and be able to take the exams when your done. A nice bonus.

In win2k server, you have to set up DNS and DHCP in order to set up active directory. This will allow you to authenticate users in the domain. To share internet, I think you need to set up RRAS (routing and remote access). This is a long run for a short slide and is best done with an actual router. You can control internet access by setting up a proxy server, but from a security standpoint this is not the best option as it is easily defeated. (Although it sounds like you don't exactly have a high security risk.)

You're asking a questin that goes way beyond the scope of a discussion forum. I recommend a class or at least a good thick book.

In simple english, please tell us exactly what you are trying to accomplish. Home or office?
How many PC's?
What kind of Internet connection?
Share files and folders?

I think creating a RRAS (Routing and Remote Access Server) may be slight overkill for trying to share an internet connection on a home lan. IT really isn't necessary to use a proxy server either : )
While it would be great practice to use all the bells and whistles of a large remotely accessed network on a home lan, I think it is not necessary here. All he said he wanted to do was setup internet sharing (which sounds like this may already be done) and authenticate users. With a server OS and using AD you centralize your authentication and security. Once you authenticate, you log onto the network and have access to the PC itself. Using a router you would have internet access through the OS. It is pretty simple. With a server doing authentication and only a local admin account on the pc, no one would be able to turn on a computer and access it, unless they had valid credentials i.e a username and password, through either the domain or the local admin account. If you keep the local admin account secret and only give the users a domain account then you have everything you need. Logon security and internet access. This is a standard domain enviroment at most server based business networks.
RRAS and a proxy server are not necessary in this case.

Variable

I just got finished setting up a Windows 2003 server on my home network. I don't really know what problem you are having specifically. I found that the wizard steps you through setting up the AD server and DNS server pretty well. Just fill in the requested information, and it will get everything setup properly for you.

What is it exactly that is causing you problems?

As for internet sharing you are probably best of just using a router. It is possible to do it through ICS or RRAS, but probably not worth the effort. If you want something more interesting than just the average home router build up a Smoothwall computer.

If I may be so bold as to speak for lawton20, I think you guys are missing the thrust of his question. He's not setting up active directory because he needs it, (clearly he doesn't) but rather he wants to learn how to do it for the sake of learning. We ought to be helping him learn, not offering alternatives.

Feel free to slap me down if I've got you wrong lawton20.

Yawningdog,

You might as well speak for him as he has not spoken for himself. The question really is, what his he trying to accomplish and what is the best way to do it.

Sorry i havent replied i a week, i only get to work on this stuff on a friday, as i'm at uni for the rest of the week or working. I will make an effort to reply more frequently.

I'm serving 6 computers with cable internet, and file sharing is yet to come, but that should be easy and not so important.

I mannaged to sort out my active directory and dns problems, that's all running sweet. My cable internet is shared now to all computers using NAT and RAS, which is the goal, only it's always accessable. I want to deny access by user account in AD. That is to say, I want only users that I choose to be allowed to access the internet. How should I go about this under windows server 2003? What services do I need to set up to allow this?

Thanks for the help so far guys.