This is a very important part of the network configuration before promoting the server to a Domain Controller.
In the preferred DNS server field, type 127.0.0.1 (the loopback interface) or the server's own configured IP
address, 192.168.1.1, so that the server points to itself for DNS.
Network card configuration
Accept the configuration and start promoting the server by typing dcpromo in the Run box.
Running DC promotion
You should see the Active Directory Domain Services Installation Wizard. Select the “Use advanced
mode installation” checkbox and follow its instructions.
Active Directory Installation wizard
This warning is not so important for us, because we have no older operating systems as Domain
Controllers within the network. It is about a security incompatibility between NT4 and 2008/2008 R2, so let's
skip this screen.
OS security incompatibility warning
At this point, we have to choose what we want to do with the domain configuration. As this article is
about a forest root domain, we don't have to consider the other options now. We are creating a completely
new domain in a new forest.
A forest root domain creation
You will see a window asking for the forest root domain name. It is good to use a name related
to your company. This is the so-called FQDN (Fully Qualified Domain Name, also known as the DNS
Domain Name). Create an internal domain name with a .local or .private suffix to separate it from your
external one (if that would be necessary, e.g. for e-mail). These suffixes suggest that the DNS domain is
for local resources, and this is also connected with your local DNS zone name.
DNS domain name
Now, specify the NetBIOS domain name.
NetBIOS domain name
Now, you need to choose the Forest Functional Level.
Setting up the FFL will also configure the Domain Functional Level in the same mode.
This is a very important step in the forest/domain configuration. This setting determines which operating
systems can be promoted to Domain Controllers. As we are configuring only a single
forest/domain environment, it is not so difficult.
The Domain Functional Level determines which operating systems can act as Domain Controllers
within that particular domain. By default (in a new forest/domain configuration) it suggests Windows
Server 2003, which means that older OSes cannot be promoted to DCs. So, NT4 and Windows
2000 Server cannot be used as DCs in a network with the AD DS role. They can still be domain member
servers, but not Domain Controllers.
When you change the DFL to Windows Server 2008, then only Windows Server 2008 and 2008 R2 can
be promoted to DCs. The last choice is Windows Server 2008 R2; then the only possible
operating system for Domain Controllers is Windows Server 2008 R2.
Each domain can be set up at a different Domain Functional Level, but all of them have to satisfy the Forest
Functional Level to be able to operate within the forest.
If you have more than one domain in a forest, then you have to evaluate which one works in the
lowest mode. The lowest Domain Functional Level in a forest determines the highest possible Forest
Functional Level.
The Forest Functional Level guarantees that no Domain Controller in any domain runs an
older operating system than the one specified in the FFL.
If your FFL is set to Windows Server 2003, that means all Domain Controllers in the forest are
based on at least Windows Server 2003.
It is similar for the other modes (2008/2008 R2).
Important! Once you set a Domain/Forest Functional Level, it cannot be changed to a lower mode, so
be careful when you choose it. If you are not sure which functional level is adequate for you,
choose the lower one. You can always raise it later without any business continuity disruption.
As we don't want to use older OSes as DCs and we plan to use only Windows Server 2008 R2, we can
change the Forest Functional Level to Windows Server 2008 R2. The Domain Functional Level will be set
to the same level automatically.
Forest Functional Level
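The functional-level rule above (a domain's DFL is bounded by the oldest OS among its DCs, and the forest's FFL is bounded by the lowest domain ceiling) can be audited after promotion. The following PowerShell script is an added example, not part of the original article; it assumes the ActiveDirectory module (RSAT) is available on the DC, and the mapping from a DC's OperatingSystem string to a level is an assumption that covers only the 2003/2008/2008 R2 levels this article discusses.

```powershell
# Added example (not from the original article): audit DC operating systems
# against the Domain and Forest Functional Levels described above.
Import-Module ActiveDirectory

# Ordinal rank of the functional levels discussed in the article.
$levelRank = @{ 'Windows2003' = 1; 'Windows2008' = 2; 'Windows2008R2' = 3 }

# Assumption: the DC's OperatingSystem string contains the product name.
# NT4/2000 (or anything unrecognised) returns $null, i.e. no supported level.
function Get-OsLevel([string]$os) {
    if ($os -match '2008 R2') { return 'Windows2008R2' }
    if ($os -match '2008')    { return 'Windows2008' }
    if ($os -match '2003')    { return 'Windows2003' }
    return $null
}

# ADDomainMode/ADForestMode enum names end in "Domain"/"Forest"; strip the suffix.
function Get-ModeName($mode) { return ("$mode" -replace '(Domain|Forest)$', '') }

$forest = Get-ADForest
$lowestDomainCeiling = 'Windows2008R2'
foreach ($domainName in $forest.Domains) {
    $domain  = Get-ADDomain -Identity $domainName
    $dfl     = Get-ModeName $domain.DomainMode
    $dcs     = Get-ADDomainController -Filter * -Server $domainName
    # Highest DFL this domain could run: the lowest level among its DCs.
    $ceiling = 'Windows2008R2'
    foreach ($dc in $dcs) {
        $lvl = Get-OsLevel $dc.OperatingSystem
        if ((-not $lvl) -or ($levelRank[$lvl] -lt $levelRank[$dfl])) {
            Write-Warning ("{0} ({1}) is below DFL {2} of {3}" -f `
                $dc.HostName, $dc.OperatingSystem, $dfl, $domainName)
        }
        if ($lvl -and ($levelRank[$lvl] -lt $levelRank[$ceiling])) { $ceiling = $lvl }
    }
    "{0}: DFL={1}, highest DFL its DCs support={2}" -f $domainName, $dfl, $ceiling
    if ($levelRank[$ceiling] -lt $levelRank[$lowestDomainCeiling]) {
        $lowestDomainCeiling = $ceiling
    }
}
# The lowest domain ceiling bounds the Forest Functional Level, as explained above.
"Current FFL={0}; highest FFL the forest could be raised to={1}" -f `
    (Get-ModeName $forest.ForestMode), $lowestDomainCeiling
```

A warning for any DC means the level shown in the wizard would exclude that server; the last line tells you whether raising the FFL later (which cannot be undone) is actually possible.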
This is our first domain and first Domain Controller, so we also need to set up a new internal DNS
server to be able to use Active Directory. The whole of Active Directory relies on DNS services, so
they always have to be available.
Additional roles for DC
We are configuring our first DNS server, so it doesn't exist right now; don't worry and continue.
DNS warning
Specify the Active Directory database and log locations (you can leave the defaults; those files are not so large,
and if the server acts as AD and DNS only, that is enough space).
Active Directory files location
Set up the password for Directory Services Restore Mode, which will be used in case of a non-authoritative/authoritative restore or other AD database maintenance. This password should be
different from the Domain Administrator password and should also be changed regularly.
DSRM password
On the summary screen, you can review the chosen settings and start the server promotion process.
Summary screen
Finally, a server reboot is required. You can do it manually, or select the “Reboot on completion”
checkbox and wait until the promotion is done.
Active Directory:Directory Services installation
Congratulations! Your Domain Controller for the forest root domain is ready! You can log on to it
using the password specified during the promotion process (the same password as Directory Services
Restore Mode).
A forest root Domain Controller