Active Directory Deployment
I. Prerequisites
1.1) Supported Versions: Windows Server
2.2) Specify the computer name of the DC server, host the Ntds.dit database, install the adds service, provide the LDAP query service, provide Kerborse authentication
2.3) Prepare IP address, DNS information
The first DC created by default is the root domain of the first forest, the DNS server, the GC (global catalog server)
Two. Deployment process
Gui:
2.1) Add adds role
2.2) Configure DC
Sserver Code:
2.3) Sconfig Tools set Up computer, IP address, DNS and other information
2.4) Install adds using PowerShell
Deploy the first DC
DC01 Computer and IP address information, the primary DNS points to itself
650) this.width=650; "src=" http://s2.51cto.com/wyfs02/M01/82/B3/wKioL1dexbihSvhCAAFIqSIqYMc524.jpg "title=" 1.jpg " alt= "Wkiol1dexbihsvhcaafiqsiqymc524.jpg"/>
Installing adds
650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M02/82/B3/wKioL1dexfeBy7qoAAFa4sXCdvE789.jpg "title=" 3.jpg " alt= "Wkiol1dexfeby7qoaafa4sxcdve789.jpg"/>
Start configuring DC
650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M00/82/B3/wKioL1dexhXQrFdnAAEyW_TCLDo805.jpg "title=" 4.jpg " alt= "Wkiol1dexhxqrfdnaaeyw_tcldo805.jpg"/>
Because the first domain is created, so here's the option to add a new forest, we use the name contoso.com
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/82/B5/wKiom1dexTKy0h_cAADjrc61RkI910.jpg "title=" 5.jpg " alt= "Wkiom1dextky0h_caadjrc61rki910.jpg"/>
The main considerations for the functional level are two points: 1. The higher the level, the more stable and efficient the DC, as it provides more functionality and optimization; 2. Compatibility: Consider the DC version and client version that have been created in the current production environment (Group Policy issued)
650) this.width=650; "src=" http://s1.51cto.com/wyfs02/M00/82/B3/wKioL1dexaOTPQ88AAFA1y5yWic968.jpg "title=" 6.jpg " alt= "Wkiol1dexaotpq88aafa1y5ywic968.jpg"/>
The currently created domain belongs to the top level of the hierarchy (the first forest and root domain), so the delegation of the DNS is grayed out, and if the add tree or subdomain is an optional state
650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M01/82/B3/wKioL1dex7vzX3NBAAEDAH-T6Y4349.jpg "title=" 7.jpg " alt= "Wkiol1dex7vzx3nbaaedah-t6y4349.jpg"/>
Set the NetBIOS name, primarily for earlier clients, such as Windows NT and Windows98
650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M01/82/B4/wKioL1deyEDhVwmyAADT9zpISdo781.jpg "title=" 8.jpg " alt= "Wkiol1deyedhvwmyaadt9zpisdo781.jpg"/>
Specify the location where the database, log files, and SYSVOL files (Group Policy objects) are saved
650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M01/82/B5/wKiom1dex5PSHP_qAAD4n5rUaBE564.jpg "title=" 9.jpg " alt= "Wkiom1dex5pshp_qaad4n5ruabe564.jpg"/>
After confirmation, the default next installation is completed and restarted.
In addition we can deploy an additional domain controller, in the Promote to Domain Controller wizard,"View Options"--"View script" Export PowerShell script, to the server code use
650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M00/82/B9/wKiom1dfb42SyQ6uAADWtWEhrIs280.jpg "title=" B.jpg " alt= "Wkiom1dfb42syq6uaadwtwehris280.jpg"/>
650) this.width=650; "src=" http://s1.51cto.com/wyfs02/M01/82/B8/wKioL1dfcUzwfds1AAEt6yjmpgY144.jpg "title=" a.jpg " alt= "Wkiol1dfcuzwfds1aaet6yjmpgy144.jpg"/>
Configuration of Server Code
Setting Up Computer Information
Netdom renamecomputer%computername%/newname: Computer name
SHUTDOWN/R/T 0
650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M00/82/B9/wKiom1dfcXDDHfFUAACLXjg50C0072.jpg "title=" C.jpg " alt= "Wkiom1dfcxddhffuaaclxjg50c0072.jpg"/>
Set Ip,dns address information
IP Settings
Netsh Interface IPv4 Set Address "Local Area Connection" Static 10.0.0.10 255.0.0.0 10.0.0.1
650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M02/82/B7/wKiom1dfXVmSIBvaAACpag-aP-I326.jpg "title=" 13.jpg "alt=" Wkiom1dfxvmsibvaaacpag-ap-i326.jpg "/>
DNS settings
Set dnsserver Static "Local Area Connection" 10.0.0.10 index=1
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/82/B6/wKioL1dfX16SI-y0AABM0oDf9YQ882.jpg "title=" 15.jpg "alt=" Wkiol1dfx16si-y0aabm0odf9yq882.jpg "/>
Join Domain
netdom join%computername%/domain: Domain name/userd: domain name with privileged user name/passwordd:[email protected]
650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M00/82/B8/wKioL1dfdHPAex6qAABo8xPIDjE163.jpg "title=" D.jpg " alt= "Wkiol1dfdhpaex6qaabo8xpidje163.jpg"/>
Copy DC02 exported and shared script to local C packing directory
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/82/B7/wKiom1dfX6GxgMrGAABc8wTdzGw760.jpg "title=" 16.jpg "alt=" Wkiom1dfx6gxgmrgaabc8wtdzgw760.jpg "/>
Use PowerShell to get the adds service role to show availability
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/82/B7/wKiom1dfYUvBzPDQAABmkFIsCCU397.jpg "title=" 17.jpg "alt=" Wkiom1dfyuvbzpdqaabmkfisccu397.jpg "/>
Next install the adds service
650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M02/82/B8/wKiom1dfYiShaGjWAACb7iXAxDE122.jpg "title=" 18.jpg "alt=" Wkiom1dfyishagjwaacb7ixaxde122.jpg "/>
Use PowerShell scripting to start installing as an additional domain controller
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/82/BA/wKiom1dfddejRj1_AAC3KkxAocU490.jpg "title=" E.jpg " alt= "Wkiom1dfddejrj1_aac3kkxaocu490.jpg"/>
650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M00/82/BA/wKiom1dfdn2hjTgdAAEBXxKH8ts661.jpg "title=" f.jpg " alt= "Wkiom1dfdn2hjtgdaaebxxkh8ts661.jpg"/>
This article from "Cautious" blog, declined reprint!
Learning Summary-active Directory Domain Services Administration-Active Directory Deployment