In this chapter, we started to create the related DNS functions such as tree domain control and provisioning for Lin Bicionline.org at BJ, SH and GZ sites.
Network configuration:
1, for BJ site Ds04, SH site pdc02 and GZ site AD02 configuration network, the IP configuration is as follows: ( Note: When creating a domain tree environment, ensure that the computer network DNS address of the domain tree is joined to the first domain controller DNS address when the forest was established )
ds04:172.16.10.104, subnet mask: 255.255.255.0 gateway: 172.16.10.254, DNS 172.16.10.100,
ad02:172.16.29.102, subnet mask: 255.255.255.0 gateway: 172.16.29.254, DNS 172.16.10.100,
: , Subnet mask: 255.255.255.0  172.16.28.254 dns 172.16.10.100 ,
2, ensure that Ds04, PDC02 and AD02 host can ping the IP 172.16.10.100, and can resolve the bicionline.org domain name. If you cannot ping or cannot resolve the domain name, check your network configuration. Such as
650) this.width=650; "Src=" https://s5.51cto.com/wyfs02/M02/9C/BA/wKioL1l1g6yw5vjDAABvc-71J_s257.png-wh_500x0-wm_ 3-wmp_4-s_3889620495.png "title=" qq picture 20170724132008.png "alt=" wkiol1l1g6yw5vjdaabvc-71j_s257.png-wh_50 "style=" Float:none; "/>
To create a tree domain controller:
Create a tree domain controller for ds04, AD02, PDC02
1. Open Server Manager, Add a role the Active Directory Domain Services " , such as:
650) this.width=650; "Src=" Https://s1.51cto.com/wyfs02/M00/9C/F8/wKioL1l4T8-Bo2eJAADYUKcd3Iw024.png-wh_500x0-wm_3-wmp_4-s_1442355747.png " title= "QQ picture 20170726161604.png" alt= "wkiol1l4t8-bo2ejaadyukcd3iw024.png-wh_50"/>
2, (Note: The user needs domain management, schema management, Enterprise Administrator rights) such as:
650) this.width=650; "Src=" Https://s2.51cto.com/wyfs02/M01/9C/F8/wKioL1l4URfzyrHAAACyKuhbtk8647.png-wh_500x0-wm_3-wmp_4-s_3237768456.png " Style= "Float:none;" title= "QQ picture 20170726161917.png" alt= "wkiol1l4urfzyrhaaacykuhbtk8647.png-wh_50"/>
3 , other detailed configuration steps refer to the previous article:Windows Server 2012 (single forest, multi-tree, multi-site) AD Deployment Series (iv) Creating a secondary domain control
4. Wait for the installation to complete, restart the computer and log in with the domain administrator account.
To configure a DNS server:
1, Ds04, AD02 and PDC02 domain controller installation is complete, waiting for the restart to complete, log in as a domain administrator account.
2, open the local Tcp/ipv4 property box, for example, the Ds04, AD01, pdc01 DNS address 127.0.0.1, respectively, adjusted to the native IP address: 172.16.10.104, 172.16.28.102, 172.16.29.102. Such as
650) this.width=650; "Src=" https://s4.51cto.com/wyfs02/M02/9C/F9/wKioL1l4VBSh_ybEAAB_mdUWB44968.png-wh_500x0-wm_ 3-wmp_4-s_2106156652.png "title=" qq picture 20170726163402.png "Width=" "height=" 370 "border=" 0 "hspace=" 0 "vspace=" 0 " Style= "width:300px;height:370px;" alt= "wkiol1l4vbsh_ybeaab_mduwb44968.png-wh_50"/> 650) this.width=650; "Src=" Https://s2.51cto.com/wyfs02/M00/9C/F9/wKioL1l4VLLz8ahoAACAfp-DeX0989.png-wh_500x0-wm_3-wmp_4-s_3770484618.png " Style= "width:300px;height:370px;" title= "QQ picture 20170726163645.png" width= "height=" 370 "border=" 0 "hspace=" 0 " Vspace= "0" alt= "wkiol1l4vllz8ahoaacafp-dex0989.png-wh_50"/>
650) this.width=650; "Src=" https://s4.51cto.com/wyfs02/M01/9C/F9/wKiom1l4VLKjtfbDAACAW3m_GYY281.png-wh_500x0-wm_ 3-wmp_4-s_1694572908.png "style=" WIDTH:300PX;HEIGHT:366PX; "title=" QQ picture 20170726163648.png "width=" height= "366 "border=" 0 "hspace=" 0 "vspace=" 0 "alt=" wkiom1l4vlkjtfbdaacaw3m_gyy281.png-wh_50 "/>
3, Login ds04, AD02, PDC02, open the Service Manager DNS server configuration interface, the default _msdcs.bicionline.org zone is missing, such as
650) this.width=650; "Src=" https://s4.51cto.com/wyfs02/M00/9C/F9/wKioL1l4V0qDm5bjAABzade-xrM174.png-wh_500x0-wm_ 3-wmp_4-s_1813771481.png "title=" qq picture 20170726164755.png "alt=" Wkiol1l4v0qdm5bjaabzade-xrm174.png-wh_50 "/>
4, for all tree domains. such as
add bjbicionline.org, shbicionline.org, gzbicionline.org tree-domain resolution on the conditional forwarder side, configuration steps: New Conditional forwarder--Enter DNS domain--Enter IP address--tick "in active D Store this conditional forwarder in irectory "--Select all DNS servers in this forest." As
650) this.width=650; "Src=" https://s2.51cto.com/wyfs02/M01/9D/05/wKioL1l5RFeRehhgAACG1CAd-V0500.png-wh_500x0-wm_ 3-wmp_4-s_1925437221.png "title=" qq picture 20170726165417.png "Width=" "height=" 455 "border=" 0 "hspace=" 0 "vspace=" 0 " Style= "width:500px;height:455px;" alt= "Wkiol1l5rferehhgaacg1cad-v0500.png-wh_50"/>
650) this.width=650; "Src=" https://s1.51cto.com/wyfs02/M00/9D/07/wKiom1l5T6PinF0TAACF7O276Cs936.png-wh_500x0-wm_ 3-wmp_4-s_2458590951.png "title=" qq picture 20170727102724.png "alt=" Wkiom1l5t6pinf0taacf7o276cs936.png-wh_50 "/>
5, waiting for a period of synchronization time (according to the inter-site overhead and synchronization frequency, the site set for 15 minutes synchronization frequency), login server ds04.bjbicionline.org into the DNS Management page, need to confirm 3 items: 1. Auto Sync _ msdcs.bicionline.org area; 2. The DomainDNSZones area is automatically generated under the "**bicionline.org" area; 3. The forwarder is automatically synchronized in the conditional forwarder . Such as
650) this.width=650; "Src=" https://s5.51cto.com/wyfs02/M00/9D/07/wKiom1l5S4vgLOgVAAC_CZq-JiU972.png-wh_500x0-wm_ 3-wmp_4-s_2290693356.png "title=" qq picture 20170727101001.png "alt=" Wkiom1l5s4vglogvaac_czq-jiu972.png-wh_50 "/>
6, start nslookup, parse normal.
At this point,BJ, SH, GZ site for the forest bicionline.org to create a tree domain control and provisioning of the relevant DNS and other functions , to see the respective controller "AD Domain and trust relationship" "AD Site and service" status, and verify that the ad and DNS working status is normal.
This article is from the "Itcol_xiaoyu" blog, make sure to keep this source http://itcolxiaoyu.blog.51cto.com/11439802/1951371
Windows Server 2012 (single forest, multi-tree, multi-site) AD Deployment Series (v) Creating a tree domain