For a demo of the Active Directory of server 2012, I will do it in three experiments, three scenes, three scenes are very common, beginners can take a closer look.
So start our experiment one, the first thing to do is to prepare the virtual machine, this does not have to say, VMware Virtual machine believe that everyone is very familiar with the experiment we need three virtual machines, respectively, SERVER01,SERVER02,SERVER03,
These three virtual machines we all need to configure the IP address, shut down the firewall, open remote, these in the previous DNS installation demo has been described in detail, here do not make too many statements.
The general process of this experiment is to let Server01 as a DNS server to resolve uec.com this area, Server02 as AD domain control, Server03 as a normal client, to join the domain.
Server01 above the DNS and uec.com here not much to say, configuration is OK.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m02/5c/01/wkiom1uyyshgalkkaahis3apnm4068.jpg "width=" 772 "height=" 523 "/>
Next is the focus of SERVER02 in the installation ad, since we are first involved in AD so, next is the detailed process, first we add new roles and features in Server Manager.
Before adding new roles and features, be sure to point the SERVER02 DNS to the DNS server Server01, remember, otherwise the ad will be installed at the end of the error can not be successful.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m00/5c/01/wkiom1uyyshs4bp-aakgc9foxzq202.jpg "width=" 805 "height=" 571 "/>
After the next step, we choose the role-based or feature-based installation by default.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5b/fb/wkiol1uyy_ztvpldaaheibwxhq0850.jpg "width=" 801 "height=" 558 "/>
The following default selection, determine the good your native information.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5c/01/wkiom1uyyslxq-jfaaj_3850wwm339.jpg "width=" "height=" 559 "/>
Next is the focus, select the domain service, must not choose the wrong.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m02/5b/fb/wkiol1uyy_3gwigcaalqeit2ffu924.jpg "width=" 805 "height=" 554 "/>
After the tick will automatically pop up the window, we do not have to choose, directly click the Add function just fine.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m00/5b/fb/wkiol1uyy_3wu4giaaggd2z_xt0803.jpg "width=" 430 "height=" 430 "/>
After adding features to our next, default installation, do not make a selection.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m00/5c/01/wkiom1uyyslghligaak56yqbevu107.jpg "width=" 803 "height=" 553 "/>
Next is the introduction of some features of AD, beginners can see how Microsoft Official explains.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m00/5b/fb/wkiol1uyy_3tvtnhaakg7jz4y2m858.jpg "width=" 805 "height=" 553 "/>
Here are some of the plugins that the ad needs to install, and we'll just click on the last installation.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5b/fb/wkiol1uyy_2rwx3jaajux7nrwmy463.jpg "width=" 804 "height=" 556 "/>
Below we wait for a moment, waiting for ad to install.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5b/fb/wkiol1uyy_3zdgnsaaiyhjkumbm094.jpg "width=" 803 "height=" 560 "/>
See this interface, your ad has been successfully installed, click Close.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m02/5c/01/wkiom1uyysoyne0eaakx861ukwi186.jpg "width=" 803 "height=" 561 "/>
Below we will promote the SERVER02 server to a domain controller and click "Promote this server to a domain controller".
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m02/5b/fb/wkiol1uyy_6t9ddjaajfl939bye705.jpg "width=" 1161 "height=" 428 "/>
Since we don't have a forest now, we choose to create a new forest and then fill in the root domain name.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m00/5b/fb/wkiol1uyy_7tsxpsaagswevlisu357.jpg "width=" 776 "height=" 570 "/>
Click Next need to wait a moment, note that the requirements of our experiment here is not a server DNS and ad, so it is important that the "Domain Name System (DNS) server" option is ticked off, or the experiment does not go smoothly, the ad will automatically associate DNS to the machine.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5b/fb/wkiol1uyy_6yapr8aaialh967py974.jpg "width=" 779 "height=" 549 "/>
NetBIOS domain name you just have to wait a moment, it will be automatically recognized, without modification, direct next.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m00/5c/01/wkiom1uyyssr7xanaafpyq5zsww687.jpg "width=" 776 "height=" 558 "/>
Some files are installed in the location, keeping the system default.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5c/01/wkiom1uyyssqak-jaagzb47xs00200.jpg "width=" 779 "height=" 548 "/>
Finally, check your installation information.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m02/5b/fb/wkiol1uyy_-ajrhkaajg0zrzmqa314.jpg "width=" 786 "height=" 554 "/>
The system then verifies that the normal interface is the same.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m02/5b/fb/wkiol1uyy__yegkiaamgwsd-7gy165.jpg "width=" 780 "height=" 573 "/>
Ad installation process may be longer, SSD will be much better, HDD can only slowly wait, during the system will automatically restart, we do not move, waiting for the system to complete automatic installation.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m00/5b/fb/wkiol1uyy__dcs2eaahps61ty9o687.jpg "width=" 780 "height=" 569 "/>
After the system restarts, the login needs to be aware that the SERVER02 is already a domain controller, so we need to log in with the account, usually the format is the domain name \administrator.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m00/5c/01/wkiom1uyyswg2ynuaadawzy-m4m674.jpg "width=" 830 "height=" 392 "/>
After logging into the system, we will do three checks, the first, check whether the Active Directory Management tool is working properly.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5b/fb/wkiol1uyzacrhyhvaaha9owjkrk857.jpg "width=" 954 "height=" 386 "/>
Second, we need to go to Server01 to check DNS records (SOA \ns\a\srv).
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5b/fb/wkiol1uyzadq0rvwaah4xiebmys183.jpg "width=" 771 "height="/>
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m02/5c/01/wkiom1uyyswdn-idaai14-qqqim560.jpg "width=" 852 "height=" 366 "/>
Third, use the net share command to view the share (Netlogon\sysvol).
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m00/5b/fb/wkiol1uyzaccyemvaaghr25opim149.jpg "width=" 690 "height=" 381 "/>
If three checks are OK, let's move on to the next step and join the SERVER03 to the domain.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m02/5c/01/wkiom1uyysaslszhaajdnzqd3jq416.jpg "width=" 865 "height=" 536 "/>
OK after the system will pop up let you enter the user name and password, we enter the domain administrator's account, authorization.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m00/5c/01/wkiom1uyysbg-elxaadhf6xbihm120.jpg "width=" 444 "height=" 306 "/>
Next you will see Welcome to join the domain.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5b/fb/wkiol1uyzagc4c8yaac56fcfpmk742.jpg "width=" 455 "height=" "/>"
After determining, wait for the system to restart, then use the Set u\set L Two command to view the current user information and log on to the server.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5c/01/wkiom1uyysbzbwfqaafhpfv7wz8578.jpg "width=" 682 "height="/>
The last step is to create an account for the normal user on the Server02.
The first thing to create is a group.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5b/fb/wkiol1uyzdqcvvctaail86zolha932.jpg "width=" 778 "height=" 549 "/>
And then create the user.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5c/01/wkiom1uyywddyuwlaaj5xolofce438.jpg "width=" 776 "height=" 541 "/>
After entering the password, complete the creation.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m02/5c/01/wkiom1uyywdxwvrraad54ojs_io372.jpg "width=" 531 "height=" 493 "/>
Sign out of Server03 and log in to the domain with the normal account you just created.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m00/5c/01/wkiom1uyywdw4yeraadbmpet_8y405.jpg "width=" height= "322"/>
The user that you just created Tom successfully logged on to the domain.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5c/01/wkiom1uyywcj1pipaadq9ndxj7g455.jpg "width=" 679 "height=" 235 "/>
Finally, please note that the normal domain account can only log on to the domain member server, you cannot log on to the domain control server, if you want to implement, you need to modify the Group Policy on the domain controller, and Force refresh Group Policy, in order to enable the normal account to log on to the domain controller.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m02/5c/01/wkiom1uyywcyhs5daarp2uchkaw786.jpg "width=" 1136 "height=" 644 "/>
Log off the domain controller and use the account Tom to log in.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m00/5b/fb/wkiol1uyzdvg4ha_aacq8rkbdio309.jpg "width=" 688 "height=" 329 "/>
Successfully logged on to the domain controller with a normal Tom user.
650) this.width=650; "Style=" background-image:none;padding-left:0px;padding-right:0px;border-top-width:0px; border-bottom-width:0px;border-left-width:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http:// S3.51cto.com/wyfs02/m01/5b/fb/wkiol1uyzdva5hw6aaewdxux-no127.jpg "width=" 679 "height=" 275 "/>
Warning: This practice is strongly not recommended in a realistic production environment due to the high risk of logging on to a domain controller in a normal account, and is only intended to be understood by the demo experiment.
(Declaration: The uec.com in the demo is for experimentation only.) )
This article from "jinning Blog" blog, reproduced please contact the author!
Windows Server R2 Active Directory (active directories) experiment one
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
