Friday, October 31, 2008

Connecting computers to the SBS Network

[This post courtesy of Steven Goddard]

This post goes over the different ways to join a client to the SBS 2008 network and differences.

HTTP://Connect

This method replaces the http://server/connectcomputer method. http://connect is a simpler url to remember, you don’t need to know or remember the server name. The goal of the web page is to do some pre requirements checking and guide the user through the experience before the Connect Computer program start. If we can detect the OS and browser version, specific instructions to that configuration are shown are shown on the web page to guide the user through the series of prompts they will see before the Connect Computer program starts. If we can’t detect that, a general set of instructions are presented.

Once you select “Start Connect Computer Program”, the wizard will start.

Note: see KB957708 if you the client machine can’t get to http://connect.

Portable Media

The second method involves creating portable media. Via the SBS 2008 Console, you can copy the Connect Computer launcher to portable media like a USB key. Then you can walk to each machine, plug in the USB key, and start the program (launcher.exe) that will download and start the Connect Computer wizard.

The wizard to do this is called “Connect Computers to your network” on the Getting Started Tasks and on the Network.Computers page. The wizard is a quick wizard. After the first page, you will need to select “Copy the program to portable media”.

image

Then, select the location to put the program.

image

Followed by the confirmation and the instructions how to run the program.

image

What is different between http://connect and the portable media method? They both launch the Connect Computer wizard (to be covered in a forthcoming post). However, if you can’t get to http://connect due to networking issues (lets say you are still getting DNS info via the router), you will get page not found. Running launcher locally, if it can’t get to the server, it will do a repair network. This will include doing an ipconfig release and renew. At this point, the client machine should get an IP from the SBS server, and able to get to the package to download the connect computer wizard.

Native domain join

You can always still natively domain join computers. The Connect Computer program only supports XP SP2 and above, Vista. So for older OS’s or server SKU’s, you will have to natively join them to the domain.


9 comments:

Anonymous said...

I am glad that we can now carry a portable app with us to accomplish joining PCs to a domain! Having a shorter domain to type in "HTTP://Connect" is going to be handy too.

With SBS 2003, if we did a "Native Domain Join" we lost the ability to use RWW on that PC until we disjoined it, performed a little magic and rejoined it using http://server/connectcomputer. Is there a loss of services with any of these methods?

Tim

Anonymous said...

Hi Tim,

SBS 2008 is a bit different than SBS 2003. In SBS2003, even if a user wasn’t in the Remote Desktop User group, they would see all computers in the domain. They could select any computer. However, it may fail connecting due to permissions. In SBS 2008, we have a concept of permitted users to a computer. Now, only computers that a user has been explicitly been granted access to show up in the connect to computer feature in RWW. So how does one assign a computer to a user? First, for domain admin’s, they have access to all computers, so no work there. For end users, there are three spots:

1) During the connect computer wizard, when you assign a network user to a computer, they are added to the remote desktop user group and the computer will show up in RWW
2) In the Window SBS 2008 console, if you go to Users and Groups tab, Users, double click on a user, you will see a computer tab. Select that. there you can add a computer to a user.
3) In the Window SBS 2008 console, if you go to Network tab, Computers, select a computer. There will be a User Access tab. You can add user(s) to a computer.

All three methods do essentially the same thing. They ensure the user is selected is added to the local Remote Desktop Users Group and add the computer to the users list of computers they can see in RWW.

Now, to your original question, you could natively domain join a client, and then do either 2 or 3 above to add computers. No other magic required.

Thanks,

Steven Goddard

Anonymous said...

Hi Steven,

I would like to find out what Connect Computer does in moment when it lists local accounts (windows "Move existing user data and settings"). Where it does search for list available local accounts which you can use for migrate? The problem is what to do if your profile is not listed beside all others despite the fact that you are logged with it? I believe the reason is in local computer but have no idea what "connect" looks for.

Thanks,
Robert Ambrož

Sean Daniel said...

Hi Robert,

We search for all public profiles on the system, and allow you to migrate those. If you aren't seeing a profile, it's likely this is marked as private. This is similar to 2003, and KB 886210 talks about this.

If you don't see the names you expect to, it's possible the profile is marked as private:
1. Log on to the client computer by using the username and password of the user whose settings you want to migrate.

2. In the folder, right-click the user's folder, click Sharing and Security, and then clear the Make this folder private check box.

3. Repeat this procedure for all subfolders that have this check box selected, and then click OK.

Then run the Connect Computer wizard to migrate the profile.

Anonymous said...

Hi Sean,

yes - KB 886210 is solution but I would like to point out that it could happend - as in my case on 9 computers - the folder is not marked as private but it is actually private. In this case Connect Wizard will not see this profile. The solution is quite simple (and stupid ...) - just check option, apply changes and then uncheck and again apply changes. I don't belive i'll find out what is behind this problem ... ;-)

Thank You for Your post,
Robert

Unknown said...

Hi Sean,

Is there anyway to use this for a Domain Profile (from a different Domain). We have chosen to do clean installs on several sites and it would be very handy to use this tool to import the existing profiles from the old domain. I have tried to set the permissions as anonymous and everyone to simulate a Public but with no joy.

Regards

Piers

Sean Daniel said...

Unfortunately no there isn't. The best way to do this is use the File Settings and Transfer Wizard, or Easy Transfer if you're in Windows 7

Chris M said...

I have an issue with Windows 7 in that only one of the two available user profiles appear in the drop down box of available users. How do I ensure that the folder belonging to the user that does not appear is not marked as private?

Thanks.

Sean Daniel said...

In the User Accounts you'll have to ensure hte account isn't encrypted or private. our tools don't handle cases like that.