SYSTEM ADMINISTRATIONINSTALLING DOMAIN

CONTROLLERS

Dr. Zeeshan Bhatti

BSIT-IVModule 3: Lecture 3

PART-II

Installing Domain Controller

2

DOMAIN CONTROLLER (DC).

One of the greatest features of Windows Server 2003 is its ability to be a Domain Controller (DC). 

The full features of a domain are beyond the scope of this workshop, but some of its most well known features are its ability to store user names and passwords on a central computer (the Domain Controller) or computers (several Domain Controllers). 

In this tutorial we will cover the "promoting" (or creating) of the first DC in a domain.  This will include DNS installation, because without DNS the client computers wouldn't know who the DC is. 

You can host DNS on a different server, but we'll only deal with the basics. 3

WHAT IS A DIRECTORY SERVICE?

A service that helps track and locate objects on a network A service that helps track and locate objects on a network

Active Directory Management

UsersUsersServicesServicesWorkstationsWorkstations FilesFiles

The core function of any directory service is that it lets you find information on a network and make your own data network-accessible. 4

ACTIVE DIRECTORY DOMAINS

Boundary of Authentication

Boundary of Policies

Boundary of Replication

IIUM.edu.my

• Domains represent logical partitions within Active Directory for security and directory replication

• Microsoft.com” is an example of a domain name.• There is a one-to-one correspondence between Active Directory domains

and DNS domains.5

ACTIVE DIRECTORY TREES

CONTOSO.COM

US.CONTOSO.COM

SharedSchema

Configuration

Global CatalogOHIO.US.CONTOSO.COM

• A tree is a grouping of domains that forms a contiguous namespace. • A contiguous namespace is a set of domain names in which each child

adds one or more identifiers to the beginning of the parent DNS name. • For example, if the parent domain was iium.edu.my and the child domain

was cita.iium.edu.my, these two would form a contiguous namespace.6

ACTIVE DIRECTORY FORESTS

US.CONTOSO.COM

FABRIKAM.COM

UK.FABRIKAM.COM

CONTOSO.COM

Schema

Configuration

Global Catalo

g• A forest is composed of one or more trees. • Unlike a tree, a forest can contain several noncontiguous

namespaces 7

STARTING THE SERVICES

Type “dcpromo” and click “OK”.

You will see the first window of the wizard.  As it suggests, I suggest reading the help associated with Active Directory.  After this, click "Next"

8

Click "Next" on the compatibility window, and in the next window keep the default option of "Domain Controller for a new domain" selected, and click "Next"

9

DOMAIN CONTROLLER

Now we will install the Domain Controller, select this service from the Manage Server.

We want to create a new domain.

10

DOMAIN FOREST In Windows Server, you can connect your domain to an existing domain structure, or you can start from scratch.

We will create a new forest for our domain.

11

DNS DNS is integrated with the Domain Controller.

Select the second option – Have the computer install DNS for you.

12

DOMAIN NAME Now you need to select a domain name. It should be the same name you used in the DHCP (i.e. TIHE.ORG)

13

NETBIOS DOMAIN NAME The computer will choose a netbios name for your domain. Click next.

Database and Log Folders The computer will select a path for this entry. Click next.

14

Shared System Volume The SYSVOL folder is a public share, where things like .MSI

software packages can be kept when you will distribute packages

The computer will select a DEFAULT path for this entry. Click next.

15

DNS REGISTRATION Now we will get a message that basically says that you will need a DNS server in order for everything to work the way we want it . 

As mentioned earlier, we will install the DNS server on this same machine , but it can be installed elsewhere.  So keep the default selection of "Install and configure“ second option, and click “Next”.

16

PERMISSIONS we keep the default of "Permissions compatible only with Windows 2000 or Windows Server 2003 operating systems" and click "Next"

17

Restore Mode Password The restore mode password is the single password that all

administrators hope to never use, however they should also never forget it because this is the single password that might save a failed server. 

Make sure it's easy to remember but difficult to guess

18

SUMMARY Now we will see a summary of what will happen.  Make sure it's all correct because changing it afterwards can prove to be difficult.

19

After the previous next was clicked, the actual process occurs.  This can take several minutes.  It's likely that you will be prompted for your Windows Server 2003 CD (for DNS) so have it handy

20

GIVE STATIC IP If your computer has a dynamically assigned address (from DHCP) you will be prompted to give it a static IP address.  Click ok, and then in the Local Area Connection properties, click "Internet Protocol (TCP/IP)" and then "Properties"

21

In the next window select "Use the following IP address" and select the information that you will use for your domain (and 127.0.0.1 for the primary DNS, because your computer will host DNS.  I still suggest setting up an alternate as well.)  Click "OK" and then "Close" on the next window

22

And after a while you will see…… And we're finished. 

23

THANKYOU

Q & A

For My Slides and Handoutshttp://zeeshanacademy.blogspot.com/https://www.facebook.com/drzeeshanacademy