Windows Server 2008 Build domain Controller "reprint 51cto.com"

Windows Server Building a domain controller

introduced

In a small network, administrators typically manage each computer independently, such as the most commonly used user management. But when the network scale to a certain extent, such as more than 10 computers, and each computer has 10 users, then the administrator will create more than 100 user accounts, the same work will be repeated many times. → At this point, multiple computers in the network can be logically organized together for centralized management, which is distinguished from the workgroup's logical environment called domain. Corresponds to the C/S network management mode mentioned in the second chapter.

The content of this chapter is very important and abstract, and instructors should give more examples of life to help students understand.

The domain can be likened to a country, then the domain controller is the head of the state, the member computers in the administrative domain

Note: A domain is a logical grouping that is independent of the physical topology of the network

Domain

Logically organize multiple computers in a network together for centralized management, which differs from the logical environment of a workgroup called a domain

Domains are the core snap-in for organizing and storing resources

Domain Controller

In a domain, there is at least one domain controller

The domain controller holds the user account and the security database for the entire domain

Introduction: To create a Windows domain, you must first understand the concept of Active Directory, because the domain is inseparable from the Active Directory.

Install the Active Directory on a single computer to become a domain controller.

The DC provides directory services through the Active Directory, such as maintaining the ad database, auditing the user's account and password correctly, and so on.

A DC is a physical computer, and the Active Directory is a service that runs on a DC.

Active Directory

Active Directory is a directory service in a Windows network

Active Directory provides a way to store network object information and enable network users to use the data

Active Directory Features

Centralized management

Convenient access to network resources

Users can access the entire network resource at one time

network resources mainly include user accounts, groups, shared folders, printers, etc.

Scalability

domain tree

Multiple domains with a contiguous domain name space

Lin

A forest is made up of one or more domain trees

conditions for installing a domain controller

Installers must have local administrator rights

The operating system version must meet the criteria (Windows Server 2008 is satisfied except for the web version)

The local disk has at least one partition that is the NTFS file system

has TCP/IP settings (address, subnet mask, etc.)

Have the appropriate DNS server support

There is enough free space

To install the Active Directory step:

Click Start-Run to enter the installation command "Dcpromo" to open the AD Domain Services Setup Wizard;

Read the operating compatibility instructions, click the Next button;

On the Select a Deployment Configuration page, select New domain in New Forest;

On the named forest root Domain page, enter the FQDN name of the forest root domain, which is named yezi.com;

In the Select Forest functional Level page, select the forest functional level; Note that the following are the levels of support.

Select "DNS Server" on the "Additional Domain controller Options" page;

Set the storage location for databases, log files, and SYSVOL;

In the directory Restore Mode Administrator Password page, enter the password;

On the summary page, check all the selections and click Next.

Start installing and configuring the Active Directory service;

Click Finish when the installation is complete, as shown in the server needs to be restarted;

join a computer to a domain

Before joining a domain, first check the configuration of the client computer:

Whether the client and the DC network are interconnected

Whether the client computer correctly sets the DNS address

Does the DNS server have the correct SRV record

The account used for the domain should be a domain account

Steps:

Log in as a domain administrator

Right-click "My Computer" under the Computer Name option, select Change, enter the name of the domain you want to join;

Windows Server 2008 Build domain Controller "reprint 51cto.com"