How to Install the Active Directory Domain Services (AD DS) Role in Windows Server 2008 R2 and Promote a Server to a Domain Controller


I am not responsible for your actions or their outcomes, in any way, while reading and/or implementing this tutorial. I will not provide support for the information herein. If you do not understand something, figure it out on your own. If you need help figuring it out, use Google to solve your problems.

Introduction

Active Directory is a database implementation used in Windows Server 2008 R2 to manage and maintain network resources. Active Directory is tightly integrated with the Domain Name System (DNS) and uses domain names as its primary method of referencing network resources such as computers, file shares, printers, and users. It is also the primary method used in Windows Server 2008 R2 to create and manage user accounts and their access permissions to network resources.

Installing Active Directory is a two part process. The first part involves installing Active Directory Domain Services (AD DS). The second part involves running a program, or wizard, called dcpromo.exe. This wizard will promote a server to a domain controller. This tutorial will cover both installing the AD DS role, and running dcpromo.exe to promote a server to a domain controller.

"Active Directory Domain Services (AD DS) stores information about objects on the network and makes this information available to users and network administrators. AD DS uses domain controllers to give network users access to permitted resources anywhere on the network through a single logon process."

This is the exact description of Active Directory Domain Services given by Microsoft as part of the Select Server Roles wizard. AD DS is the database portion of a domain controller which keeps record of every domain object and the permissions associated with it. When referring to a single logon process, the statement above is saying that when logging on to an Active Directory domain, it is only necessary to remember one user name and password combination. This improves the user experience and simplifies the administrative overhead necessary to operate a network.

A domain controller is a server which hosts the Active Directory database and implements DNS to track and manage network assets. It is also the server which is contacted when logging in to a domain.

For more information on how to implement and maintain an Active Directory infrastructure, refer to www.technet.com. A good starting point would be: http://technet.microsoft.com/en-us/library/bb727030.aspx

***Special Note***

This tutorial is narrowly focused on creating a new domain in a new forest. It is implied that the server you are working with is the first, and only, domain controller (and server) in the domain and forest.

Steps

1. Begin with the Server Manager MMC. Click the Roles node in the left window pane.

2. Click Add Roles in the right window pane.

3. The Add Roles Wizard will begin. The Before You Begin screen will be the first thing you encounter. You can place a checkmark next to, "Skip this page by default", to prevent this screen from appearing before adding any other roles. Click the Next button.

4. Place a checkmark next to Active Directory Domain Services. The .NET Framework 2.5.1 Features and the .NET Framework will need to be installed to support the Active Directory Domain Services role. Click the Add Required Features button.

5. Click the Next button.

6. A screen displaying the function of Active Directory Domain Services will be shown. Click the Next button.

7. The Confirm Installation Selections screen will be shown. Click the Install button.

8. When the installation has finished successfully, click the Close button. You will see a red circle with an 'X' in the center of it in the Server Manager console. This is because you have not completed setting up Active Directory. You will need to run dcpromo.exe in order to promote this server to a domain controller (either in an existing domain, a new domain in an existing forest, or a new domain in a new forest).

9. Click the Start Menu, then click the Run button.

10. Type, "dcpromo.exe", into the Run dialogue box and click the OK button.

11. The Active Directory Domain Services Installation Wizard will launch. Place a checkmark next to, "Use advanced mode installation", and click the Next button.

12. The Operating System Compatibility dialogue box will be displayed. Click the Next button.

13. Select the radio button next to, "Create a new domain in a new forest", and click the Next button. If you are adding a domain controller to an existing domain, select, "Existing forest", and, "Add a domain controller to an existing domain". If you are creating a new domain in an existing forest, select, "Existing forest", and, "Create a new domain in an existing forest".

14. Enter the FQDN (Fully Qualified Domain Name) in the text box under, "FQDN of the forest root domain:", and click the Next button. Best practice states that you do not use public domain names for internal domains. This means that you should not run your internal network on first level domains such as .com, .net, or .org. If you have an Internet presence that uses one of those domain suffixes, or any public domain suffix, best practice states that you create a disjointed namespace and rely on external name resolution, such as from your ISP, to access those publicly available resources. Securely integrating a public domain and a private domain is beyond the scope of this tutorial. I have created a private domain named "rustyhann.internal" for the purpose of creating this tutorial and the tutorials to follow.

15. Unless your network configuration specifies otherwise, accept the default Domain NetBIOS Name and click the Next button.

16. In the, "Forest functional level:", drop down box, select Windows Server 2008 R2 and click the Next button. If you are integrating this domain controller with an existing, mixed operating system domain (another version, such as Windows Server 2003 or Windows Server 2008), you will need to select a different forest functional level. Integrating a Windows Server 2008 R2 domain controller into a down-level, mixed operating system domain is beyond the scope of this tutorial.

17. Leave the checkmark next to, "DNS Server", checked and click the Next button. This indicates that you will be adding the DNS role to the domain controller while promoting it to domain controller status. If you are integrating into an existing DNS infrastructure, you may want to skip this step. This especially holds true if your main DNS zone is not Active Directory integrated. Integrating Active Directory integrated DNS zones with non-Active Directory integrated DNS zones is beyond the scope of this tutorial.

The DNS server address(es) that have been entered in the IP configuration of your server, prior to installing the DNS service while running dcpromo.exe, will be configured as forwarders after the completion of dcpromo.exe and installation of the DNS service. For instance, this server had 8.8.8.8 and 8.8.4.4 as DNS server addresses prior to running dcpromo.exe. Because the DNS service was also installed while running dcpromo.exe, this server has also become a DNS server. It will resolve local (internal domain based) queries for clients directed to it, and itself. If it does not have an A (or AAAA) record for a client request, it will forward those requests, as an iterative request, to 8.8.8.8 and/or 8.8.4.4. DNS queries sent from network clients to the newly installed DNS server will be recursive queries, as the server will take responsibility for resolving those queries successfully.

18. A warning box will appear stating, "A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does not run Windows DNS server.... Do you want to continue?" This is to be expected as you are creating a new, private (internal) DNS zone with no parent. Click the Yes button. This warning will not pop up if you are integrating this new domain controller in an existing domain and DNS infrastructure.

19. Accept the default values for the location of the Database folder, Log files folder, SYSVOL folder. Click the Next button. My recommendation is to never change these values. It can be done, but only do so if you know EXACTLY what you are doing.

20. Enter a Directory Services Restore Mode Administrator Password and confirm that password. Click the Next button. DO NOT FORGET THIS PASSWORD. YOU WILL NOT BE ABLE TO RESTORE A DEGRADED ACTIVE DIRECTORY DATABASE WITHOUT IT.

21. Review your installation decisions at the Summary screen and click the Next button.

22. Place a checkmark next to, "Reboot on completion", and let the installation finish. Your server will automatically reboot. Ensure all programs are closed and all data is saved. This is the end of this tutorial.
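The same choices made in steps 1-22 can be expressed as a dcpromo answer file, which makes each decision reviewable and repeatable. This is an added example, not part of the original tutorial; the answer-file path and the NetBIOS name RUSTYHANN are assumptions, and the reboot from step 22 is set to No here so the script can delete the file that holds the restore mode password before you restart.

```powershell
# Scripted equivalent of steps 1-22: new domain in a new forest (added example).
# Run from an elevated PowerShell prompt on Windows Server 2008 R2.
Import-Module ServerManager
Add-WindowsFeature AD-Domain-Services   # steps 1-8: install the AD DS role

# Step 20: prompt for the DSRM password rather than hard-coding it in a script.
$secure = Read-Host -AsSecureString 'Directory Services Restore Mode password'
$bstr   = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
$dsrm   = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
[Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)

# Assumed answer-file location; it briefly holds the password in clear text.
$answerFile = Join-Path $env:TEMP 'dcpromo-unattend.txt'

# Each key mirrors one wizard choice from the steps above.
$answers = @"
[DCInstall]
; step 13: create a new domain in a new forest
ReplicaOrNewDomain=Domain
NewDomain=Forest
; step 14: FQDN of the forest root domain (private namespace)
NewDomainDNSName=rustyhann.internal
; step 15: NetBIOS name (assumed default derived from the FQDN)
DomainNetbiosName=RUSTYHANN
; step 16: 4 = Windows Server 2008 R2 functional level
ForestLevel=4
DomainLevel=4
; steps 17-18: install DNS, no delegation in a parent zone
InstallDNS=Yes
CreateDNSDelegation=No
; step 19: default folder locations
DatabasePath="$env:SystemRoot\NTDS"
LogPath="$env:SystemRoot\NTDS"
SYSVOLPath="$env:SystemRoot\SYSVOL"
; step 20: Directory Services Restore Mode password
SafeModeAdminPassword=$dsrm
; step 22: reboot manually after the cleanup below
RebootOnCompletion=No
"@
Set-Content -Path $answerFile -Value $answers -Encoding ASCII

try {
    dcpromo.exe "/unattend:$answerFile"
    Write-Host "dcpromo exit code: $LASTEXITCODE"
} finally {
    # Never leave the DSRM password on disk, whatever the outcome.
    Remove-Item $answerFile -Force -ErrorAction SilentlyContinue
}
# Review the dcpromo output, then restart the server to finish the promotion.
```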

Troubleshooting

If you are adding a domain controller to an existing domain, or creating a new domain in an existing forest, you need to have the appropriate administrator privileges to perform those actions. Both of those tasks are beyond the scope of this tutorial. Integrating a new Active Directory domain into an existing domain infrastructure is a complex task. This tutorial is narrowly focused on creating a new domain in a new forest where the server hosting the domain is the only domain controller.

I am not responsible for your actions or their outcomes, in any way, while reading and/or implementing this tutorial. I will not provide support for the information herein. If you do not understand something, figure it out on your own. If you need help figuring it out, use Google to solve your problems.