Do server 2003 member servers renew SIDs like workstations? We have a member server that we would like to move to a DMZ(server will no longer communicate with DC), but was wondering wether to remove it off the domain first or leave it as is?

Hello, as you have not unjoined and joined again the server, its SID will remain the same. As the server will no longer communicate with your DCs then unjoin it and use it as a Workgroup member. If you don't proceed like that then after that cached credentials for user domain users expire, you will not be able to logon using domain users' accounts. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer

first remove the server from domain and you can put it in to the dmz.Darshana Jayathilake

But make sure you know the local administrator password before disjoin. Regards, Dave Patrick .... Microsoft Certified Professional Microsoft MVP [Windows]