Windows Server 2008 forest root domain DC deployment

Last Update:2014-09-10 Source: Internet

Author: User

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Experimental background: In the daily production of the enterprise, a server is usually deployed as a domain controller, and the clients of each department are joined to a domain, which facilitates unified management and maintenance. and to achieve Remote Desktop synchronization, the file is placed on the server side, from any client through authentication access and operation. Nonsense not much to say, directly on the experiment.

Take an experimental topology diagram, with the Cisco Simulator's Ha, and by the way familiar dot Cisco stuff

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/26/wKioL1QP-OTiAJfgAACJ8QhSKyg615.jpg "style=" float: none; "title=" 1.png "alt=" Wkiol1qp-otiajfgaacj8qhskyg615.jpg "/>

on the same internal LAN, there is a server, we will deploy the domain controller on the above, and pc0 and pc1 into the domain, on the server side will realize the unified management of the two hosts

Experimental requirements:

Server Server-1,ip:10.0.0.1 netmask:255.0.0.0 gateway:10.0.0.254 dns:10.0.0.1

Client Client1 ip:10.0.0.2 netmask=255.0.0.0 gateway=10.0.0.254 dns=10.0.0.1

Client Client2 ip=10.0.0.3 netmask=255.0.0.0 gateway=10.0.0.254 dns=10.0.0.1

Experimental process:

Configure the server IP, set this server as a DNS server,DNS points to itself, change the computer name to server-1, restart theserver

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/49/26/wKioL1QP-OSwfSP9AAIgXbbFh9g076.jpg "style=" float: none; "title=" 2.png "alt=" Wkiol1qp-oswfsp9aaigxbbfh9g076.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/49/25/wKiom1QP-NfDix52AAH2glCf6m4104.jpg "style=" float: none; "title=" 3.png "alt=" Wkiom1qp-nfdix52aah2glcf6m4104.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/25/wKiom1QP-NeQwPqWAAGpE_QQLgE471.jpg "style=" float: none; "title=" 4.png "alt=" Wkiom1qp-neqwpqwaagpe_qqlge471.jpg "/>

Start ---- Run Enter dcpromo to open the DC Deployment Wizard

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/49/26/wKioL1QP-OWBc3aCAAGENERiUeg958.jpg "style=" float: none; "title=" 5.png "alt=" Wkiol1qp-owbc3acaageneriueg958.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/49/25/wKiom1QP-Njg6EK8AACi5GeueRo979.jpg "style=" float: none; "title=" 6.png "alt=" Wkiom1qp-njg6ek8aaci5geuero979.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/49/26/wKioL1QP-OXxAeE3AAIYzZ5NXeQ311.jpg "style=" float: none; "title=" 7.png "alt=" Wkiol1qp-oxxaee3aaiyzz5nxeq311.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/49/25/wKiom1QP-NiAlisYAAFjIBXZUFQ509.jpg "style=" float: none; "title=" 8.png "alt=" Wkiom1qp-nialisyaafjibxzufq509.jpg "/>

Select Create new domain in New forest, because we do not have a domain now, if the company headquarters has, you can select an existing forest, you can directly join the headquarters of the domain

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/26/wKioL1QP-OXClFYkAAE5-vj_9Ic847.jpg "style=" float: none; "title=" 9.png "alt=" Wkiol1qp-oxclfykaae5-vj_9ic847.jpg "/>

Specify forest root domain as ws.com

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/25/wKiom1QP-RfCxaYJAAHTMyabs3U450.jpg "style=" float: none; "title=" 10.png "alt=" Wkiom1qp-rfcxayjaahtmyabs3u450.jpg "/>

Specifies the functional level of the forest.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/49/26/wKioL1QP-SSSqkvnAAGFi8p7Emk027.jpg "style=" float: none; "title=" 11.png "alt=" Wkiol1qp-sssqkvnaagfi8p7emk027.jpg "/>

to Select the DNS server to install the DNS server, we are not installing now, so below he will prompt, choose Yes

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/49/26/wKioL1QP-SXxlNdSAAEQ8URXxds409.jpg "style=" float: none; "title=" 12.png "alt=" Wkiol1qp-sxxlndsaaeq8urxxds409.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/49/25/wKiom1QP-RfhDFp1AAHlVkwTz0Q676.jpg "style=" float: none; "title=" 13.png "alt=" Wkiom1qp-rfhdfp1aahlvkwtz0q676.jpg "/>

Specify Active Directory database files, log files, and SYSVOL folder storage path. This contains the database information, if the server is damaged, you can recover data through the file, including the user name and password files, it is important!!

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/49/26/wKioL1QP-SXQ2L9mAAGe01tJ-ow624.jpg "style=" float: none; "title=" 14.png "alt=" Wkiol1qp-sxq2l9maage01tj-ow624.jpg "/>

set up Active Directory DSRM mode password, used to repair the database, note the password is complex

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/49/25/wKiom1QP-RjxYGlzAAH8zi4FxnA744.jpg "style=" float: none; "title=" 15.png "alt=" Wkiom1qp-rjxyglzaah8zi4fxna744.jpg "/>

Installation Summary, direct next

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/49/25/wKiom1QP-RjjDD4uAADmL70EtcQ177.jpg "style=" float: none; "title=" 16.png "alt=" Wkiom1qp-rjjdd4uaadml70etcq177.jpg "/>

Tick the reboot after completion, is the configuration to take effect

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/26/wKioL1QP-SWiaDVuAAG_DTtJXjw518.jpg "style=" float: none; "title=" 17.png "alt=" Wkiol1qp-swiadvuaag_dttjxjw518.jpg "/>

You will be prompted to change your password. Requirements Meet complexity

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/25/wKiom1QP-RjCp8n9AAEMMPuuQKU879.jpg "style=" float: none; "title=" 18.png "alt=" Wkiom1qp-rjcp8n9aaemmpuuqku879.jpg "/>

at this point, we look at the system properties and we can see server-1 The server has been configured as a domain controller, hehe

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/26/wKioL1QP-YTTp8bYAALRsODmqeI144.jpg "style=" float: none; "title=" 19.png "alt=" Wkiol1qp-yttp8byaalrsodmqei144.jpg "/>

In the administration tool, we can see some of the domain Active Directory related components

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/25/wKiom1QP-XfzlAeZAARxjpNUHZk131.jpg "style=" float: none; "title=" 20.png "alt=" Wkiom1qp-xfzlaezaarxjpnuhzk131.jpg "/>

Open DNS Management Console, locate the forward lookup zone that is already configured as ActiveDirectory integrated area type, abbreviation AD , only security updates

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/26/wKioL1QP-YTz6uPcAALtrufOCpg080.jpg "style=" float: none; "title=" 21.png "alt=" Wkiol1qp-ytz6upcaaltrufocpg080.jpg "/>

in the DNS automatically registered on the server _msdcs.ws.com area, which contains the SRV Record

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/49/26/wKioL1QP-YTg2CS4AAL0OyAhyWg943.jpg "style=" float: none; "title=" 22.png "alt=" Wkiol1qp-ytg2cs4aal0oyahywg943.jpg "/>

Configure DNS Reverse Lookup Zones

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/25/wKiom1QP-Xfi7cSaAAKw4SXYyJk034.jpg "style=" float: none; "title=" 23.png "alt=" Wkiom1qp-xfi7csaaakw4sxyyjk034.jpg "/>

area type main area, tick Storage in AD

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/49/25/wKiom1QP-XfwwbuZAAKup8OYQP4803.jpg "style=" float: none; "title=" 24.png "alt=" Wkiom1qp-xfwwbuzaakup8oyqp4803.jpg "/>

Create IPv4 Reverse lookup zone, allow only security updates

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/49/26/wKioL1QP-YXBrt7VAANqVixUtMM119.jpg "style=" float: none; "title=" 25.png "alt=" Wkiol1qp-yxbrt7vaanqvixutmm119.jpg "/>

Add server-1 of the server host PTR Pointers

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/49/26/wKioL1QP-YXQFasuAAMCpnBW3sw027.jpg "style=" float: none; "title=" 26.png "alt=" Wkiol1qp-yxqfasuaamcpnbw3sw027.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/49/26/wKioL1QP-bqDvRI5AAJ8bg54y5w721.jpg "style=" float: none; "title=" 27.png "alt=" Wkiol1qp-bqdvri5aaj8bg54y5w721.jpg "/>

Open AD User and Computer Management console, view domain Controller organizational unit,server-1 for domain controller type is GC

The following client joins the domain, configures the IP, and tests the communication

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/49/25/wKiom1QP-a3BXAI_AARbhm4v2vo726.jpg "style=" float: none; "title=" 28.png "alt=" Wkiom1qp-a3bxai_aarbhm4v2vo726.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/26/wKioL1QP-buynrVeAANQIxGgHyY918.jpg "style=" float: none; "title=" 29.png "alt=" Wkiol1qp-buynrveaanqixgghyy918.jpg "/>

Next, set the system properties, define the domain name suffix, for the administrator account to subordinate the host to the ws.com domain

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/25/wKiom1QP-a6hjrRoAATaQwyksXg789.jpg "style=" float: none; "title=" 30.png "alt=" Wkiom1qp-a6hjrroaataqwyksxg789.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/49/26/wKioL1QP-byQmE4dAAP3WIV3aqE978.jpg "style=" float: none; "title=" 31.png "alt=" Wkiol1qp-byqme4daap3wiv3aqe978.jpg "/>

after DC Authentication, client01 client successfully joined domain

in the Open AD user and Computer Management on The DC, view the computer container, and see the host that is joined to the domain

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/49/25/wKiom1QP-a-iihS9AAG-yKxDhdM846.jpg "style=" float: none; "title=" 32.png "alt=" Wkiom1qp-a-iihs9aag-ykxdhdm846.jpg "/>

Next is the client 2

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/49/26/wKioL1QP-b3ASSR4AAMAcnSmog0132.jpg "style=" float: none; "title=" 33.png "alt=" Wkiol1qp-b3assr4aamacnsmog0132.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/49/25/wKiom1QP-a-xwHNyAALayg_KMuk133.jpg "style=" float: none; "title=" 34.png "alt=" Wkiom1qp-a-xwhnyaalayg_kmuk133.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/49/26/wKioL1QP-b2BXYELAAGolCppQj0768.jpg "style=" float: none; "title=" 35.png "alt=" Wkiol1qp-b2bxyelaagolcppqj0768.jpg "/>

This article is from the "IT Walker Pine" blog, please be sure to keep this source http://520yatou.blog.51cto.com/6642882/1550572

Windows Server 2008 forest root domain DC deployment

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More

Windows Server 2008 forest root domain DC deployment

Contact Us

What's Trending

Top 10 Tags

Top 10 Keywords

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support

Windows Server 2008 forest root domain DC deployment

Contact Us

What's Trending

Top 10 Tags

Top 10 Keywords

Trending Topic

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support