Windows Server R2 Active Directory (active Directories) experiment three

Source: Internet
Author: User

In the end of experiment two, mentioned the problem of AD and DNS deployment on the same server, only this one server to maintain the normal production, the risk is great, once this server has a problem in any place, then our entire domain environment is completely paralyzed, so in order to prevent this situation, We need to make a backup, or an additional domain controller.

The benefits of deploying an additional domain controller are quite many, you can implement domain controller fault tolerance, even if the primary domain controller is out of order, we do not have to worry about, the additional domain controller will continue to replace the primary domain controller to complete the verification work, maintain the overall domain environment, and have two domain controllers working simultaneously, Domain environments are much faster to validate and more productive, and additional domain controllers offload the primary domain controller, keeping the entire domain in a relatively easy-to-run state.

Having an extra controller is certainly a good thing, but we need to know that after deploying an additional domain controller, the two servers are working concurrently, and for the additional domain controllers to achieve perfect fault tolerance, the data must be kept in sync between the two domain controllers.

First of all still explain the experimental requirements and purposes, the experiment requires two virtual machines, Server01 as the primary domain controller, Server02 as the Server01 of the additional domain controller, the experiment will still omit some of the details before the experiment, do not understand the friend please look at the previous experiment.

To begin our experiment, SERVER01 needs to point DNS to itself first.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m01/5c/1c/wkiol1uaxqphpbbwaahvma2k-hs368.jpg "height=" 550 "/>

Then install the AD domain service.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m02/5c/1c/wkiol1uaxq7qa5sbaakotywcq2u878.jpg "height=" 554 "/>

After the installation succeeds, promote to a domain controller.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m00/5c/1c/wkiol1uaxrncckfcaal98pjkyoo265.jpg "height=" 505 "/>

After the AD domain service is installed, the DNS of the native computer may be changed, we need to check it and keep the DNS pointing to itself and can parse normally.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m01/5c/1c/wkiol1uaxslj2hzcaagefgzu5ka781.jpg "height="/>

Next is the configuration of Server02, the same is the DNS, so that the DNS point to Server01, or raise the domain control error.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m02/5c/1c/wkiol1uaxtahtt5jaaj6joo5efi265.jpg "height=" 569 "/>

After successful installation, promote to a domain controller, where it is important to note that since Server01 is the primary domain controller, we have created a new forest and domain, SERVER02 additional domain controller, just choose to join the existing domain.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m00/5c/1c/wkiol1uaxvxzrq3maahiq0h9_fm209.jpg "height=" 570 "/>

When filling in the credentials, be sure to fill out the domain administrator's account.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m01/5c/1c/wkiol1uaxv7wjg9uaadr-spnzqa957.jpg "height=" 306 "/>

After you successfully raise the domain controller, log on and check that the administrative tools are working correctly.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m02/5c/1c/wkiol1uaxw_iscavaak6-airgm4556.jpg "height=" 367 "/>

Check that DNS is working properly.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m00/5c/22/wkiom1uaxekqcgu8aagojvklyou382.jpg "height=" 334 "/>

Check that the shared folder is working properly.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m00/5c/22/wkiom1uaxftcfuwvaagg4kpm97s743.jpg "height=" 448 "/>

After all the checks are working properly, we need two domain controllers with preferred DNS pointing to each other, and standby DNS pointing to itself.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m01/5c/22/wkiom1uaxgstwvuwaagcob2uqcs800.jpg "height=" 484 "/>650) this.width=650;" Style = "background-image:none;border-bottom:0px;border-left:0px;padding-left:0px;padding-right:0px;border-top:0px; border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http://s3.51cto.com/wyfs02/M02/5C/22/ Wkiom1uaxhsij64kaafkbdgscle252.jpg "height=" 484 "/>

Next we test whether the synchronization between the two domain controllers is normal, and open two servers for Active Directory Users and Computers.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m00/5c/22/wkiom1uaxiaynkzfaamywcegth4567.jpg "height=" 527 "/>

Create an organizational unit named HR above the Server01.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m01/5c/22/wkiom1uaxjdilbgwaaipofzug3o332.jpg "height=" 545 "/>

Create two more users Tom and Jerry.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m02/5c/22/wkiom1uaxkszi8rdaaj_qkc_hrs822.jpg "height=" 365 "/>

Server01 above has created the organizational unit and the user, then we go to refresh Server02 to see if the data is not synchronized.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m01/5c/22/wkiom1uaxllt0fhbaai_uxhciqq874.jpg "height=" 482 "/>

The data for creating the new user has been successfully synchronized, and there is little delay, and then we delete the organizational unit named HR on SERVER01 and the user Tom\jerry.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m00/5c/22/wkiom1uaxnfqn6o9aalyoa-exxq002.jpg "height=" 317 "/>

Refresh the Server02 to see if the data is syncing properly.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" image "border=" 0 "alt=" image "src=" http ://s3.51cto.com/wyfs02/m01/5c/22/wkiom1uaxpgjcsv_aaku_fxxrbs533.jpg "height=" 371 "/>

From this can be seen, the two domain controllers work properly, high efficiency, the actual production environment has a lot of such configuration, the effect is very good.

(Declaration: The uec.com in the experiment is for demonstration purposes only.) )

This article from "jinning Blog" blog, reproduced please contact the author!

Windows Server R2 Active Directory (active Directories) experiment three

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.