This article was selected from Quick Help net; it is not original.
Active Directory Overview:
Using the Active Directory® Domain Services (AD DS) server role, you can create a scalable, secure, and manageable infrastructure for user and resource management, and provide support for directory-enabled applications such as Microsoft® Exchange Server.
AD DS provides a distributed database that stores and manages information about network resources and application-specific data from directory-enabled applications. A server running AD DS is called a domain controller. Administrators can use AD DS to organize network elements, such as users, computers, and other devices, into a hierarchical containment structure. The containment hierarchy includes the Active Directory forest, the domains in the forest, and the organizational units (OUs) in each domain.
1. Log in as a local administrator.
2. Change the computer name to "DC".
3. After changing the computer name, restart the server.
4. Set a fixed IP address on the server.
5. Install the domain service role by adding a role in Server Manager. (Note: in Windows Server 2012 you cannot use Dcpromo to enter the domain setup wizard.)
6. Select "Next" to accept the default.
7. Select "Role-based or feature-based installation". Next.
8. Select the local server "DC". Next.
9. Select Active Directory Domain Services.
10. Keep the default options. Next.
11. Keep the default options. Next.
12. Select "Restart the destination server automatically if required". Press "Install". (Note: to specify an alternate source path, point to the Windows Server 2012 installation disk.)
13. The installation is complete. Press "Close".
14. In the server task details, under "Post-deployment Configuration", select "Promote this server to a domain controller".
15. Select "Add a new forest" and fill in the root domain name: mcipt.com.
16. Set the forest and domain functional levels to Windows Server 2003. Under domain controller capabilities, select Domain Name System (DNS) server; the global catalog is selected by default. Then set the Active Directory restore mode (DSRM) password.
17. Keep the default selection. Next.
18. The NetBIOS name displayed by default is MCITP.
19. Keep the default selection. Next.
20. Review the displayed installation information. Next.
21. View the exported AD installation script.
22. Select "Install".
23. The server restarts automatically during the installation.
24. After installation, log in as the domain administrator.
25. After logging in, open the Start menu.
26. View the operations master information in Active Directory Domains and Trusts.
27. View site information in Active Directory Sites and Services. The default site currently has only one domain controller.
28. In Active Directory Users and Computers, create a new OU named "IT".
29. In Active Directory Users and Computers, create a new user "Jack" in the IT OU.
30. Use ADSI Edit to view the OU structure.
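The wizard steps above map onto a short PowerShell script, which makes the build repeatable and reviewable. This is an added example, not the script the wizard exports in step 21 and not part of the original article. The phase names, the interface alias, the 192.0.2.x addresses and the account name `jack` are assumptions made for illustration.

```powershell
# Added example; run elevated, one phase per invocation (Rename and Promote restart the server).
param([ValidateSet('Rename','Role','Promote','Verify')][string]$Phase = 'Rename')

$DomainName  = 'mcipt.com'        # root domain name, step 15
$NetbiosName = 'MCITP'            # NetBIOS name, step 18
$DomainDN    = 'DC=mcipt,DC=com'  # distinguished name derived from step 15

switch ($Phase) {
    'Rename' {   # steps 2-3
        Rename-Computer -NewName 'DC' -Restart
    }
    'Role' {     # steps 4-13
        # Placeholder interface alias and documentation-range addresses.
        New-NetIPAddress -InterfaceAlias 'Ethernet' -IPAddress 192.0.2.10 `
            -PrefixLength 24 -DefaultGateway 192.0.2.1
        Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
    }
    'Promote' {  # steps 14-23
        Import-Module ADDSDeployment
        $forest = @{
            DomainName        = $DomainName
            DomainNetbiosName = $NetbiosName
            ForestMode        = 'Win2003'   # functional level chosen in step 16
            DomainMode        = 'Win2003'
            InstallDns        = $true
            # Prompt for the DSRM password so it is never stored in the script.
            SafeModeAdministratorPassword = (Read-Host -AsSecureString 'DSRM password')
        }
        # Run the prerequisite checks first and stop on any failure.
        $check = Test-ADDSForestInstallation @forest
        if ($check.Status -contains 'Error') { throw ($check.Message -join "`n") }
        Install-ADDSForest @forest -Force    # restarts automatically (step 23)
    }
    'Verify' {   # steps 26-30
        Import-Module ActiveDirectory
        Get-ADForest | Select-Object SchemaMaster, DomainNamingMaster
        Get-ADDomain | Select-Object PDCEmulator, RIDMaster, InfrastructureMaster
        Get-ADReplicationSite -Filter * | Select-Object Name
        New-ADOrganizationalUnit -Name 'IT' -Path $DomainDN
        # sAMAccountName 'jack' is an assumed value; the password is prompted.
        New-ADUser -Name 'Jack' -SamAccountName 'jack' -Path "OU=IT,$DomainDN" `
            -AccountPassword (Read-Host -AsSecureString 'Password for Jack') -Enabled $true
        Get-ADObject -SearchBase "OU=IT,$DomainDN" -Filter * |
            Select-Object DistinguishedName, ObjectClass
    }
}
```

On a single-DC forest the `Verify` phase should list the same server as holder of all five operations master roles and show one site.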
Summary:
Organizing network elements into hierarchies provides the following benefits:
A forest acts as a security boundary for an organization and defines the scope of authority for administrators. By default, a forest contains a domain (called the forest root domain).
You can create additional domains in the forest to partition AD DS data, so that your organization replicates data only where it is needed. As a result, AD DS can scale globally over networks with limited available bandwidth. Active Directory domains also support many other core management features, including network-wide user identities, authentication, and trust relationships.
OUs simplify the delegation of authority to make it easier to manage a large number of objects. The owner can delegate all or limited authority over an object to another user or group. Delegation is important because it helps distribute the management of a large number of objects to people who are trusted to perform administrative tasks.
Security aspects:
Security is integrated with AD DS through logon authentication and access control to resources in the directory. With a single network logon, administrators can manage directory data and organization across their entire network. Authorized network users can also use a single network logon to access resources anywhere in the network. Policy-based management simplifies the management of even the most complex networks.
Additional AD DS Features:
A set of rules, the schema, that defines the classes of objects and attributes contained in the directory, the constraints and limits on instances of those objects, and the format of their names.
A global catalog that contains information about every object in the directory. Users and administrators can use the global catalog to find directory information regardless of which domain in the directory actually contains the data.
A query and index mechanism, so that objects and their properties can be published and found by network users or applications.
A replication service that distributes directory data across the network. All writable domain controllers in a domain participate in replication and contain a complete copy of all directory information for their domain. Any change to directory data is replicated to all domain controllers in the domain.
Operations master roles (also known as flexible single master operations, or FSMO). The domain controllers that hold operations master roles are designated to perform specific tasks to ensure consistency and eliminate conflicting entries in the directory.