What is a domain? The domain is the core unit of Windows NT/2000 Active Directory: a container for objects such as computers and users that share the same security requirements, replication process, and management. To build a domain, you first need a machine on which to install Active Directory so that it becomes a domain controller.
As I understand it, a domain is similar to a workgroup, but it sits at a much higher level: it has more manageable units and is more complex (shared content, user management, security policy management, file allocation, ...).
A domain user is still a computer user, but once the computer has joined the domain, the user's rights are reassigned by the administrator of the domain controller, so they are not fixed. When you log in to the domain as a domain user, however, you can use the shares in the domain. Here is a tutorial on how to create a domain and how to join members to it; I hope it helps.
All of the member servers in this post run Microsoft Windows Server 2003, and the client runs Windows XP.
First, of course, install Windows Server 2003 on the member server, and log in to the system once the installation has succeeded.
Because DNS is not installed during the default installation of Windows Server 2003, we need to add it manually.
To add it, go to "Start - Settings - Control Panel - Add or Remove Programs", then click "Add/Remove Windows Components"; you will see the following screen:
Drag the scroll bar on the right downward, find "Network Services", and select it:
All network services are selected by default. Click "Details" to customize the installation; because only DNS is needed here, deselect all the others (they can be installed later when needed). Then click "OK" and keep clicking "Next" to complete the DNS installation. Make sure the Windows Server 2003 installation CD is in the CD drive throughout the installation; otherwise you will be prompted that files cannot be found and will have to locate them manually.
After DNS is installed you can perform the promotion. Click "Start - Run", enter "dcpromo", and press Enter; the Active Directory Installation Wizard appears:
This screen states a compatibility requirement: Windows 95 and versions of Windows NT 4 earlier than SP3 cannot log on to a domain controller running Windows Server 2003. I recommend using Windows 2000 or later as the client operating system. Then click "Next":
Because this is the first domain controller, select the first option, "Domain controller for a new domain", and then click "Next":
Since it is the first domain controller, naturally select "Domain in a new forest":
Here we specify a domain name; I use demo.com:
Here the NetBIOS name is specified. Be careful to avoid conflicts with clients: no computer on the whole network may be named "DEMO". The name can be changed, but my advice is to keep the default and save trouble later.
Here you specify the location of the AD database and logs; the defaults are recommended.
This is the location of the SYSVOL folder; the default is recommended.
The first time you deploy, the DNS registration diagnostics error screen shown above always appears. DNS has been installed but not yet configured, so there is no usable DNS server on the network and the query times out. Select "Install and configure DNS on this computer, and set this DNS server as the preferred DNS server for this computer".
This screen is about permissions. I chose the second option, "Permissions compatible only with Windows 2000 or Windows Server 2003 operating systems", because the environment I experimented in has no operating systems older than Windows 2000.
Set the password here, and be sure to remember the password you set.
This is the confirmation screen. Check carefully that the information you entered is correct, especially the domain name, because a wrong domain name is no joke. If anything is wrong, click "Back" and re-enter it; if everything is correct, click "Next" to start the installation:
After a few minutes, the installation is complete:
Click "Finish":
Click "Restart Now".
Now let's see what is different after installing AD. The first impression is that shutdown and startup are noticeably slower. Then look at the logon screen: there is now a "Log on to" selection box:
After logging in, right-click "My Computer", select "Properties", and click "Computer Name". How does it compare with before AD was installed? Other differences include the absence of local users and a few extra icons in Administrative Tools.
Promote a member server to a domain controller (ii)
In the previous post, a member server named SERVER was promoted to a domain controller. Now let's look at how to join a workstation to the domain.
For network security reasons the domain administrator account should be used as little as possible, so first create a delegated account on the domain controller. Log on to the domain controller and run "dsa.msc" to open the "Active Directory Users and Computers" management console:
First create a new user: expand "demo.com", right-click "Users", and click "New" - "User":
The New User wizard appears. Here I created a new user named "SWG" and set the password to "never expire".
Click "Next" to finish creating the user. Then right-click "demo.com" and choose the first item, "Delegate Control":
The Delegate Control wizard appears:
Click the "Add" button in the middle and enter the "SWG" account you just created:
On the following screen the user does not need "Manage Group Policy links" for the time being, so select only "Join a computer to the domain" and click "Next":
Finally there is a summary screen to check; if there is no problem, click "Finish".
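Once the delegated account exists, its settings can be reviewed with the net user command covered later on this page. The following Python script is an added example, not part of the original post: it parses the output of "net user swg /domain" and flags settings that give the join account more exposure than its single delegated task needs. The sample output is constructed, and the list of privileged groups is an assumption to adapt.

```python
import re

# Constructed sample of `net user swg /domain` output (not captured from a real host).
SAMPLE = """\
User name                    swg
Full Name                    swg
Account active               Yes
Account expires              Never

Password last set            3/1/2005 10:12 AM
Password expires             Never
Password required            Yes
User may change password     Yes

Local Group Memberships
Global Group memberships     *Domain Users
The command completed successfully.
"""

# Assumption: groups treated as privileged; adjust to the environment.
PRIVILEGED = {"administrators", "domain admins", "enterprise admins", "schema admins"}


def parse_net_user(text):
    """Return (fields, groups) parsed from `net user <name>` output."""
    fields, groups, in_groups = {}, [], False
    for line in text.splitlines():
        if line.startswith("The command completed"):
            break
        # A label and its value are separated by a run of two or more spaces.
        parts = re.split(r"\s{2,}", line.rstrip(), maxsplit=1)
        label = parts[0].strip()
        value = parts[1] if len(parts) > 1 else ""
        if label:
            fields[label] = value
            in_groups = label.lower().endswith("group memberships")
        # Group names start with '*'; long lists wrap onto label-less lines.
        if in_groups:
            groups += [g.strip() for g in value.split("*") if g.strip()]
    return fields, groups


def audit_join_account(text):
    """List settings that give a delegated join account more exposure than it needs."""
    fields, groups = parse_net_user(text)
    findings = []
    if fields.get("Password expires", "").lower() == "never":
        findings.append("password never expires")
    if fields.get("Password required", "").lower() == "no":
        findings.append("password not required")
    findings += ["member of privileged group: " + g
                 for g in groups if g.lower() in PRIVILEGED]
    return findings


if __name__ == "__main__":
    print(audit_join_account(SAMPLE))
```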
Next, go to the client and see how to join XP to the domain. The client operating system used in this experiment is Windows XP Professional. Note that Windows XP Home Edition is aimed at home users and cannot join a domain, so don't make that mistake. First, set up the network on this XP machine:
Computer Name: TESTXP
IP: 192.168.5.5
Subnet Mask: 255.255.225.0
DNS server: 192.168.5.1
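A pre-join sanity check of the client settings listed above, as an added Python example that is not part of the original post: it verifies that the subnet mask is a contiguous netmask and that the DNS server is on the client's own subnet. It is run on the values exactly as listed and, for comparison, with 255.255.255.0, which is an assumed value not taken from the post.

```python
import ipaddress


def check_client_settings(ip, mask, dns):
    """Return a list of problems in a static IPv4 configuration for a domain client."""
    problems = []
    inverted = ~int(ipaddress.IPv4Address(mask)) & 0xFFFFFFFF
    # A usable mask is a run of 1-bits followed only by 0-bits, so its
    # inverse must be of the form 2**k - 1 (all 1-bits at the low end).
    if inverted & (inverted + 1):
        return [f"subnet mask {mask} is not a contiguous netmask"]
    net = ipaddress.IPv4Network(f"{ip}/{mask}", strict=False)
    host = ipaddress.IPv4Address(ip)
    if net.prefixlen < 31 and host in (net.network_address, net.broadcast_address):
        problems.append(f"{ip} is the network or broadcast address of {net}")
    # The client finds the domain controller through DNS, so an unreachable
    # DNS server makes the join fail even when the domain name is typed correctly.
    if ipaddress.IPv4Address(dns) not in net:
        problems.append(f"DNS server {dns} is outside {net}; a gateway is needed to reach it")
    return problems


# Settings as listed above, then the same settings with a /24 mask
# (255.255.255.0 is an assumed comparison value, not taken from the post).
AS_LISTED = check_client_settings("192.168.5.5", "255.255.225.0", "192.168.5.1")
WITH_SLASH_24 = check_client_settings("192.168.5.5", "255.255.255.0", "192.168.5.1")

if __name__ == "__main__":
    print(AS_LISTED)
    print(WITH_SLASH_24)
```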
After setting up the network, right-click "My Computer", select "Properties", click "Computer Name", set "Member of" to "Domain", and enter "demo.com":
Click "OK"; the following screen appears:
Enter the "SWG" account that you just created on the domain controller, click "OK", and restart the computer.
After the machine starts, look at the "Log on to" box: you can choose to log on to the domain or to the local computer. Select the domain "DEMO" to log on as a domain user.
After logging in, right-click "My Computer", select "Properties", and click "Computer Name". See the difference in the area marked with the black box compared with before the machine joined the domain?
After reading this, I believe you know how to set up a domain, how to join a domain, and how to assign domain members.
=============================
1, In Add/Remove Programs, open Add/Remove Windows Components, find Network Services, and install DNS.
2, Preparation before configuring DNS: if you are using the local computer as the DNS server, set the DNS address in your TCP/IP settings to the same value as your current IP address. An illegal domain name cannot be configured for an external network address.
3, The actual configuration: open "DNS" under Administrative Tools on the computer.
4, DNS has two kinds of zones: forward lookup zones and reverse lookup zones. We only need to configure the forward one.
5, Right-click "Forward Lookup Zones", select "New Zone", and click "Next"; select "Primary zone" and click "Next"; accept the default and click "Next" again; then enter the name of the zone: xuefagen.anltech.com. Click "Next", accept the default values, and click "Finish".
6, Right-click "xuefagen.anltech.com" and choose "New Host". The host name can be anything; the IP address is your computer's current address and must be entered correctly. When you are done, click "Add Host" and click "OK". Then click "Finish".
7, Right-click "xuefagen.anltech.com" and select "New Alias". For the alias, enter www, mainly so that the site can be opened in a browser as www.xuefagen.anltech.com. Click the "Browse" button, select objects with the mouse in the name column and keep going until the end, then click "OK".
8, Finally, check that the DNS you configured is correct: from the "Start" menu choose "Run", enter "cmd", and at the prompt type: ping www.xuefagen.anltech.com. If the ping succeeds, this generally indicates that DNS is working.
9, Configuration notes. The environment required for the configuration above: the operating system must be a server operating system, and the user must be a member of the Administrators group or the Power Users group. In addition, your computer does not have AD-integrated DNS, which means your computer is not a DC.
Domain operation command: Net
When working with Windows 9x/NT/2000/XP/2003 systems you will run into problems of one kind or another, especially as a network administrator maintaining an organization's LAN or WAN. Mastering some Windows command techniques often makes the work much more convenient and can get more done with less effort. This article covers practical techniques for using the net network command, for your reference.
The net command is a command-line command with many functions: it can be used to verify NetBIOS connections between computers and to view and manage the network environment, services, users, logon information, and so on. To get help for net: (1) graphically, go to Start -> Help -> Index and enter NET; (2) at the command line, type NET /? or NET HELP. All net commands accept the options /yes and /no (which can be abbreviated to /y and /n).
===============================
Tips for using the different parameters of the net command are described below:
1, Net View
Role: Displays a list of domains, lists of computers, or shared resources for a specified computer.
Command format: net view [\\computername | /domain[:domainname]]
For a description of the parameters:
• Type net view with no parameters to display a list of computers in the current domain
\\computername Specifies the computer whose shared resources you want to view
/domain[:domainname] Specifies the domain whose available computers you want to view
For example: net view \\GHQ views the list of shared resources on the computer GHQ.
net view /domain:XYZ views the list of machines in the XYZ domain.
2, Net User
Role: Add or change user accounts or display user account information.
Command format: Net user [username [password | *] [options]] [/domain]
For a description of the parameters:
• Type NET user without parameters to view a list of user accounts on the computer
username Add, remove, change, or view user account names
password assign or change a password for a user account
* Prompts for the password
/domain Performs the operation on the primary domain controller of the computer's primary domain. This parameter is available only on Windows NT Workstation computers that are members of a Windows NT Server domain. By default, Windows NT Server computers perform operations on the primary domain controller. Note: the action takes place on the primary domain controller of the computer's primary domain, which may not be the logon domain.
For example: net user ghq123 views information about the user ghq123.
3. Net Use
Role: Connect the computer or disconnect the computer from the shared resource, or display the connection information for the computer.
Command format: net use [devicename | *] [\\computername\sharename[\volume]] [password | *] [/user:[domainname\]username] [[/delete] | [/persistent:{yes | no}]]
For a description of the parameters:
• Type net use with no parameters to list network connections
devicename Specifies the name of the resource to connect to or the name of the device to disconnect
\\computername\sharename The name of the server and of the shared resource
password The password for accessing the shared resource
* Prompts for the password
/user Specifies another user for the connection
domainname Specifies another domain
username Specifies the user name for the logon
/home Connects users to their home directory
/delete Cancels the specified network connection
/persistent Controls the use of persistent network connections.
For example: net use F: \\ghq\temp maps the \\ghq\temp directory as drive F:
net use F: \\ghq\temp /delete disconnects it.
4, Net time
Function: Synchronize the computer's clock with the time of another computer or domain.
Command format: net time [\\computername | /domain[:name]] [/set]
For a description of the parameters:
\\computername The name of the server to check or synchronize with
/domain[:name] Specifies the domain to synchronize the time with
/set Synchronizes the computer's clock with the clock of the specified computer or domain.
5, Net Start
Function: Start the service, or display a list of started services.
Command format: Net start service
6, Net Pause
Role: Suspend a running service.
Command format: Net pause Service
7, Net Continue
Role: Reactivate the suspended service.
Command format: Net continue Service
8, Net Stop
Function: Stop a Windows NT/2000/2003 network service.
Command format: Net stop service
Let's take a look at which services the four commands above can operate on:
(1) Alerter
(2) Client Service for NetWare
(3) ClipBook Server
(4) Computer Browser
(5) Directory Replicator
(6) FTP Publishing Service
(7) Lpdsvc
(8) Net Logon
(9) Network DDE
(10) Network DDE DSDM
(11) Network Monitor Agent
(12) OLE (Object Linking and Embedding)
(13) Remote Access Connection Manager
(14) Remote Access ISNSAP Service
(15) Remote Access Server
(16) Remote Procedure Call (RPC) Locator
(17) Remote Procedure Call (RPC) Service
(18) Schedule
(19) Server
(20) Simple TCP/IP Services
(21) SNMP
(22) Spooler (print spooler)
(23) TCP/IP NetBIOS Helper
(24) UPS
(25) Workstation
(26) Messenger
(27) DHCP Client
9, Net Statistics
Function: Displays statistics for the local workstation or Server service.
Command format: Net statistics [workstation | server]
For a description of the parameters:
• Type net statistics with no parameters to list the running services for which statistics are available
workstation Displays statistics for the local Workstation service
server Displays statistics for the local Server service
For example: net statistics server | more displays statistics about the Server service.
10, Net Share
Function: Create, delete, or display shared resources.
Command format: net share sharename=drive:path [/users:number | /unlimited] [/remark:"text"]
For a description of the parameters:
• Type net share with no parameters to display information about all shared resources on the local computer
sharename The network name of the shared resource
drive:path Specifies the absolute path of the directory to share
/users:number Sets the maximum number of users who can access the shared resource at the same time
/unlimited Does not limit the number of users who can access the shared resource at the same time
/remark:"text" Adds a comment about the resource; the comment text is enclosed in quotation marks
For example: net share yesky=c:\temp /remark:"My A-share"
shares C:\temp under the share name yesky.
net share yesky /delete stops sharing the yesky directory.
11, Net session
Function: Lists or disconnects the sessions between the local computer and the clients connected to it.
Command format: net session [\\computername] [/delete]
For a description of the parameters:
• Type net session with no parameters to display information about all sessions with the local computer.
\\computername Identifies the computer whose sessions you want to list or disconnect.
/delete Closes all files opened by the computer during its session with \\computername and ends the session. If the \\computername argument is omitted, all sessions with the local computer are canceled.
For example: net session \\GHQ displays session information for the client computer named GHQ.
12, Net Send
Role: Send messages to other users, computers, or messaging names on the network.
Command format: net send {name | * | /domain[:name] | /users} message
For a description of the parameters:
name The user name, computer name, or messaging name to which you want to send the message
* Sends the message to all names in the group
/domain[:name] Sends the message to all names in the computer's domain
/users Sends the message to all users connected to the server
message The text to send as the message
For example: net send /users server would shutdown in minutes. sends the message to all users connected to the server.
13, Net Print
Function: Displays or controls print jobs and print queues.
Command format: net print [\\computername] job# [/hold | /release | /delete]
For a description of the parameters:
computername The name of the computer sharing the printer queue
sharename The name of the print queue
job# The identification number assigned to the print job in the printer queue
/hold When used with job#, holds the print job in the printer queue
/release Releases a held print job
/delete Deletes a print job from the printer queue