Windows Server 2012 (single forest, multi-tree, multi-site) AD Deployment Series (vi) creating subdomains

Source: Internet
Author: User
Tags subdomain

This chapter begins the creation of subdomain controllers and related DNS provisioning for bicionline.org and shbicionline.org domains at BJ and SH sites.

Network configuration:

1, for BJ site DS02, ds03,sh site PDC03 configuration network, IP configuration is as follows:

ds02:172.16.10.102, subnet mask: 255.255.255.0 gateway: 172.16.10.254, DNS 172.16.10.100

ds03:172.16.29.103, subnet mask: 255.255.255.0 gateway: 172.16.29.254, DNS 172.16.10.100

PDC03 : 172.16.28.103    255.255.255.0  gateway: 172.16.28.254  dns 172.16.28.102 

2, ensure that ds02, DS03 and PDC03 host can ping the IP 172.16.10.100, and can parse bicionline.org and shbicionline.org domain names. If you cannot ping or cannot resolve the domain name, check your network configuration .


To create a subdomain controller:

Create a subdomain controller for DS02, DS03, PDC02

1. Take the configuration Ds02 as an example. Open Server Manager and add the role Active Directory Domain Services , such as:

650) this.width=650; "Src=" https://s4.51cto.com/wyfs02/M02/9D/0B/wKioL1l5bJLA3CcgAAC4ToSQybQ496.png-wh_500x0-wm_ 3-wmp_4-s_3408559091.png "style=" Float:none; "title=" QQ picture 20170727122706.png "alt=" Wkiol1l5bjla3ccgaac4tosqybq496.png-wh_50 "/>



2. Click Promote this server to a domain controller, select Add new domain to existing forest, enter the parent domain name: bicionline.org, enter the new domain name: User, enter provide the credentials required to perform this operation: Bicionline\administrator, (Note: The user needs to have domain management rights, schema management permissions, Enterprise Administrator rights) such as:

 650) this.width=650; "Src=" Https://s1.51cto.com/wyfs02/M00/9D/0B/wKiom1l5bJLRqs5tAAC3ABdhJp4010.png-wh_500x0-wm_3-wmp_4-s_3380548019.png " title= "QQ picture 20170727122709.png" style= "Float:none;" alt= "wkiom1l5bjlrqs5taac3abdhjp4010.png-wh_50"/>

3 , other detailed configuration steps refer to the previous article:Windows Server 2012 (single forest, multi-tree, multi-site) AD Deployment Series (iv) Creating a secondary domain control

4. Wait for the installation to complete, restart the computer and log in with the domain administrator account.


To configure a DNS server:

1, Ds04, AD02 and PDC02 domain controller installation is complete, waiting for the restart to complete, log in as a domain administrator account.

2, open the local Tcp/ipv4 property box, for example, the DS02, DS03, pdc03 DNS address 127.0.0.1, respectively, adjusted to the native IP address: 172.16.10.102, 172.16.10.103, 172.16.28.10 3.

3. Log in to the first domain control ds01.bicionline.org in the forest, open the DNS server configuration interface in Service Manager, configure the _msdcs.bicionline.org zone, and under the name server option, Add ds02.user.bjbicionline.org, ad03.manager.bicionline.org, pdc03.sh.shbicionline.org, The purpose is to pass the forest zone to the DNS servers for all tree domains . As

5.  Login Server ds03.manager.bjbicionline.org for example. To enter the DNS Administration page, you need to confirm 3 items: 1. Automatically synchronizes the _msdcs.bicionline.org area; 2. The DomainDNSZones area is automatically generated under the "user.bicionline.org" area ; 3. The forwarder is automatically synchronized in the conditional forwarder. At this point, the DNS server configuration is complete. As

650) this.width=650; "Src=" https://s5.51cto.com/wyfs02/M02/9D/10/wKiom1l5lLnDG-vJAADG3i2-liE082.png-wh_500x0-wm_ 3-wmp_4-s_1538402750.png "title=" qq picture 20170727152218.png "alt=" Wkiom1l5llndg-vjaadg3i2-lie082.png-wh_50 "/>

Start Nslookup, parse normal: if

650) this.width=650; "Src=" https://s3.51cto.com/wyfs02/M01/9D/10/ Wkiom1l5lulikij8aabl8zn2sha151.png-wh_500x0-wm_3-wmp_4-s_2538361487.png "title=" qq picture 20170727152433.png "alt=" Wkiom1l5lulikij8aabl8zn2sha151.png-wh_50 "/>

View Status:

1. View each controller "AD Domain and trust relationship", as

650) this.width=650; "Src=" https://s3.51cto.com/wyfs02/M01/9D/10/wKioL1l5lrPTr4XvAACHY5QwSIE067.png-wh_500x0-wm_ 3-wmp_4-s_1229526418.png "title=" qq picture 20170727152745.png "alt=" Wkiol1l5lrptr4xvaachy5qwsie067.png-wh_50 "/>

2. View sites and services

650) this.width=650; "Src=" https://s2.51cto.com/wyfs02/M00/9D/10/wKioL1l5llmwE0RoAACwEsOE-Es469.png-wh_500x0-wm_ 3-wmp_4-s_3422938805.png "title=" qq picture 20170727152834.png "alt=" Wkiol1l5llmwe0roaacwesoe-es469.png-wh_50 "/>

at this point, the whole domain forest environment is fully built, which realizes the single forest, multi-site, multi-auxiliary domain, multi-tree domain, multi-subdomain complex environment construction work. Hope to further improve the understanding of the theory and configuration of AD, DNS, tree domain, subdomain, auxiliary domain control and so on.

The end of this series.



This article from "Itcol_xiaoyu" blog, declined reprint!

Windows Server 2012 (single forest, multi-tree, multi-site) AD Deployment Series (vi) creating subdomains

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.