See our Privacy Policy and User Agreement for details. Create your free account to read unlimited documents. The SlideShare family just got bigger. Home Explore Login Signup. Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Next SlideShares. You are reading a preview. Create your free account to continue reading. Sign Up. Upcoming SlideShare. Active directory installation windows 1. Embed Size px. Start on.
Show related SlideShares at end. WordPress Shortcode. Share Email. Top clipped slide. Chapter01 Introduction To Windows Server Installation steps about window server and windows XP in virtualbox. Pace IT - Printer Installation. Installation of Active Directory on Windows Server. Introduccion A Windows Server Active directory introduction.
Related Books Free with a 30 day trial from Scribd. Uncommon Carriers John McPhee. The Art of War Sun Tsu. Related Audiobooks Free with a 30 day trial from Scribd. Elizabeth Howell. Abinet Gobena. Remo Paul. Salsa Sa. Dhanush Vicky. Srinivas Kommu. Show More. Views Total views. Actions Shares. No notes for slide. First make sure you read and understand Active Directory Installation Requirements. If you don't comply with all the requirements of that article you will not be able to set up your AD for example: you don't have a NIC or you're using a computer that's not connected to a LAN.
Meaning - don't do it for any other scenario, such as a new replica DC in an existing domain. Step 1: Configure the computer's suffix Not mandatory, can be done via the Dcpromo process.
Right click My Computer and choose Properties. Click the Computer Name tab, then Change. In the Primary DNS suffix of this computer box enter the would-be domain name.
Make sure you got it right. No spelling mistakes, no "oh, I thought I did it right Although the domain name CAN be changed after the computer has been promoted to Domain Controller, this is not a procedure that one should consider lightly, especially because on the possible consequences. Read more about it on Windows Domain Rename Tool page.
Click Ok. You'll get a warning window. Check your settings. See if they're correct 9. Click Ok to restart. Click Start, point to Settings and then click Control Panel. Double-click Network and Dial-up Connections. Right-click Local Area Connection and then click Properties.
Assign this server a static IP address, subnet mask, and gateway address. Note: This is true if the server itself will also be its own DNS server. Click Advanced. Click the DNS Tab. Select "Append primary and connection specific DNS suffixes" 4. Check "Append parent suffixes of the primary DNS suffix" 5. Check "Register this connection's addresses in DNS".
If this server needs to resolve names on the Internet, it should have a forwarder configured. This article assumes that you already have the DNS service installed. Right click Forward Lookup Zones and choose to add a new zone.
Click Next. The new forward lookup zone must be a primary zone so that it can accept dynamic updates. Click Primary, and then click Next. The name of the zone must be the same as the name of the Active Directory domain, or be a logical DNS container for that name. For example, if the Active Directory domain is named "lab. Type the name of the zone, and then click Next. Accept the default name for the new zone file. To be able to accept dynamic updates to this new zone, click "Allow both nonsecure and secure dynamic updates".
Click Finish. You should now make sure your computer can register itself in the new zone. Go back to the DNS console, open the new zone and refresh it F5. Notice that the computer should by now be listed as an A Record in the right pane. If it's not there try to reboot although if it's not there a reboot won't do much good.
Check the spelling on your zone and compare it to the suffix you created in step 1. Check your IP settings. Right click the DNS Server object for your server in the left pane of the console, and click Properties. Click the Forwarders tab. You can also move them up or down. The one that is highest in the list gets the first try, and if it does not respond within a given time limit - the query will be forwarded to the next server in the list.
Click OK. For example, if your IP address is You should also configure the new zone to accept dynamic updates. I guess you can do it on your own by now, can't you? Click Start, point to Run and type "dcpromo". The wizard windows will appear. In the Operating System Compatibility windows read the requirements for the domain's clients and if you like what you see - press Next.
Choose Domain Controller for a new domain and click Next. Choose Create a new Domain in a new forest and click Next. Enter the full DNS name of the new domain, for example - kuku.
This step might take some time because the computer is searching for the DNS server and checking to see if any naming conflicts exist. Click Next 8. Accept the Database and Log file location dialog box unless you want to change them of course. Accept the Sysvol folder location dialog box unless you want to change it of course.
This folder must be on an NTFS v5. This folder will hold all the GPO and scripts you'll create, and will be replicated to all other Domain Controllers. You should check your settings.
Go back to steps 1, 2 and 3. You have an option to let Dcpromo do the configuration for you. Otherwise, you can accept the default choice and then quit Dcpromo and check steps 1 - 3.
If your DNS settings were right, you'll get a confirmation window. Just click next. Accept the Permissions compatible only with Windows or Windows Server settings, unless you have legacy apps running on Pre-W2K servers. Enter the Restore Mode administrator's password. Review your settings and if you like what you see - Click Next. See the wizard going through the various stages of installing AD. You'll wreck your computer if you do. If you see you made a mistake and want to undo it, you'd better let the wizard finish and then run it again to undo the AD.
If all went well you'll see the final confirmation window. You must reboot in order for the AD to function properly. Click Restart now. First, see that the Administrative Tools folder has all the AD management tools installed. Run Active Directory Users and Computers or type "dsa.
See that all OUs and Containers are there. Run Active Directory Sites and Services. See that you have a site named Default-First-Site-Name, and that in it your server is listed. If they don't like in the following screenshot , your AD functions will be broken a good sign of that is the long time it took you to log on.
The "Preparing Network Co nnections" windows will sit on the screen for many moments, and even when you do log on many AD operations will give you errors when trying to perform them. Another reason for the lack of SRV records and of all other records for that matter is the fact that you DID configure the DNS server manually, but you made a mistake, either with the computer suffix name or with the IP address of the DNS server see steps 1 through 3.
Open the DNS console. See that you have a zone with the same name as your AD domain the one you've just created, remember? See that within it you have the 4 SRV record folders. Right-click the zone you created, and then click Properties. On the General tab, under Dynamic Update, click to select "Nonsecure and secure" from the drop - down list, and then click OK to accept the change.
Or from the command prompt type "net stop netlogon", and after it finishes, type "net start netlogon". Let it finish, go back to the DNS console, click your zone and refresh it F5. If all is ok you'll now see the 4 SRV record folders. Right-click Users , point to New , and then click User. Type the first name, last name, and user logon name of the new user, and then click Next.
Type a new password, confirm the password, and then click to select one of the following check boxes:. Review the information that you provided, and if everything is correct, click Finish. After you create the new user, give this user account membership in a group that permits that user to perform administrative tasks.
Because this is a laboratory environment that you are in control of, you can give this user account full administrative access by making it a member of the Schema, Enterprise, and Domain administrators groups. To add the account to the Schema, Enterprise, and Domain administrators groups, follow these steps:.
The final step in this process is to add a member server to the domain. This process also applies to workstations.
To add a computer to the domain, follow these steps:. Click OK. When you are prompted, type the user name and password of the account that you previously created, and then click OK. After you have completed the installation of Active Directory, you may not be able to start the Active Directory Users and Computers snap-in, and you may receive an error message that indicates that no authority can be contacted for authentication. This can occur if DNS is not correctly configured.
To resolve this issue, verify that the zones on your DNS server are configured correctly and that your DNS server has authority for the zone that contains the Active Directory domain name. If the zones appear to be correct and the server has authority for the domain, try to start the Active Directory Users and Computers snap-in again. Skip to main content. This browser is no longer supported. Download Microsoft Edge More info. Contents Exit focus mode. Please rate your experience Yes No. Any additional feedback?
0コメント