1 / 35

Installing Active Directory

Installing Active Directory. Learning Objectives. Create a Windows 2003 domain Understand the role of DCPromo.exe and the Configure Your Server wizard Promote a member server to a domain controller Demote a domain controller to a member server

eric-hull
Download Presentation

Installing Active Directory

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Installing Active Directory

  2. Learning Objectives • Create a Windows 2003 domain • Understand the role of DCPromo.exe and the Configure Your Server wizard • Promote a member server to a domain controller • Demote a domain controller to a member server • Understand the role of the Active Directory database

  3. Learning Objectives • Understand the role of the shared system volume • Understand Active Directory domain modes • Install Active Directory on a Windows 2003 server • Add additional domain controllers to a domain • Change the mode of a Windows 2003 domain

  4. Roles • DC’s • Store the AD database • DC’s are peers • Provide logon, security, and management • Member Servers • Participate in Domain providing services • Do not run AD service • AD Clients

  5. Preparing for AD Installation • Don’t necessarily follow all the defaults when configuring your first Windows 2003 DC • Issues to consider: • IP addressing schemes and DNS • Existing naming convention may be NETBIOS based • Domain context • Relationship to other Domains • AD wizard provides info about existing Domains • If none exist creates a new Domain

  6. Preparing for AD Installation • Possible domain organizations for Texas Pinball and Cattle Company Organized by business function Geographically organized

  7. Domain Tree

  8. Installing AD • On a previously configured server, use dcpromo.exe to activate the AD Installation Wizard • Launching • dcpromo.exe • Configure Your Server

  9. Installing AD • You can also use dcpromo.exe to demote a DC to a member server

  10. Creating Windows 2003 Domains • Recall: • Domains - computers sharing a security boundary • Everything shares the same security, rights, and relationships • Domain trees - domains sharing a schema, GC, and contiguous namespace • Domain forests - domains trees sharing a common schema, configuration, and GC, but not a contiguous namespace

  11. Starting DC Promo • Start -> Run -> DCPromo • Installation Wizard appears

  12. Setting the DC role

  13. Setting the Domain type

  14. Establishing a DNS Name FQDN

  15. NetBIOS Domain Name

  16. Database and Log Folder Locations • Specify the AD database and logfile locations • %systemroot%\NTDS default • Separate drives

  17. Shared System Volume Location • Specify the shared system volume location • Scripts • Policies • NT • netlogon • NTFS • Disk Manager • convert /?

  18. Setting Permissions Compatibility

  19. Setting DS Restore Mode Administrator Password

  20. Review of Options

  21. Active Directory Installation Complete

  22. How AD uses DNS SVR records –RFC 2782 DNS server Where is the nearest DC? Its over there! Ok!! Userid and password Domain Controller Client

  23. Using the Active Directory Wizards • View DNS records

  24. Using the Active Directory Wizards • Promoting a member server to a DC (dcpromo) • Must be logged on locally as administrator • Create new or additional Domain • specify the network account for AD installation

  25. Using the Active Directory Wizards • Demoting a DC to a member server • use dcpromo.exe • Remove 1 DC • Completely removethe Domain

  26. Using the Active Directory Wizards • Demoting a DC to a member server • set local password for administrator of member server

  27. Using the Active Directory Wizards • Demoting a DC to a member server • verify removal of DC

  28. Understanding the Active Directory Database • Database and database log files are used to maintain the directory • Database file is stored in a file named ntds.dit • That file is stored in two locations: • %systemroot%\NTDS\ntds.dit • %systemroot%\System32\ntds.dit • Size may not be reported correctly

  29. Understanding the Active Directory Database • Database log files should be located in a separate partition, or on a separate physical drive as the database file (fault-tolerance measure) • AD activity logged to edb.log • Applied to AD database (ntds.dit) when activity low • Circular logging • Overwrites existing log file • Noncircular logging • Creates new log files • HKEY_LOCAL_MACHINE\CurrentControlSetServices\NTDS\Parameters\logging • ERD

  30. Understanding Active Directory Domain Modes • Windows 2003 supports four modes of operation: • Native mode • Mixed mode • Windows 2003 Intermediate Functional • Windows 2003 Functional

  31. Understanding Active Directory Domain Modes • Mixed mode -supports replication with Windows NT DCs • Use if: • unable to upgrade all DCs • unable to secure DCs in AD • lack resources to upgrade DCs • wish to use NT as a fallback

  32. Understanding Active Directory Domain Modes • Native mode - does not support replication with Windows NT DCs • Use if all DCs have been upgraded to Windows 2000 or 2003

  33. Understanding Active Directory Domain Modes • Switching to native mode • Active Directory Domains and Trust • select a domain

  34. Understanding Active Directory Domain Modes • Switching modes

  35. Understanding Active Directory Domain Modes • Switching modes

More Related