Active Directory Introduction and Installation (2)

Running the Active Directory Installation Wizard Upgrading a Windows 2000 Server computer to a domain controller creates a new domain or adds additional domain controllers to an existing domain. Creating a domain controller can:
§ Create the first domain in the network.
§ Create other domains in the woods.
§ Improve network availability and reliability.
§ Improve network performance between sites.
To create a Windows 2000 domain, you must create at least one domain controller in the domain. Creating a domain controller will also create the domain. It is impossible to have a domain without a domain controller. If you determine that a user's organization requires more than one domain, you must create at least one domain controller for each additional domain. The additional fields in the forest can be: the new subdomain, the root of the new domain tree.

Before installing Active Directory, first determine that the DNS service is working properly. The following users will install the first domain controller in the domain with the root domain nt2000.com.
Step 1 Start the Active Directory Installation Wizard DCPromo.exe located in %Systemroot%\\system32 with the configuration server.
As shown in Figure 6.4, click "Next"
Step 2 Since the user is the first domain controller in the domain, select "New Domain Domain Controller" Click " ; Next "

step 3 " to create a new domain tree domain ", click " Next "
step 4 " to create a new domain Domain directory ", click "Next"
Step 5 Enter the domain name to be created in the "DNS full name of the new domain", nt2000.com
as shown in Figure 6.5, click " next "

step 6 installation wizard automatically domain NetBIOS name controller is set " NT2000 ", click the " next " step 7
display database, The location where the directory files and Sysvol files are saved is generally not required to be modified. Click "Next"
Step 8 Configure the DNS service, click "Next", (If you did not configure the DNS server before installing Active Directory, you can let the installation wizard configure DNS here, it is recommended to use this Method.)
Step 9 Select default permissions for users and groups. Considering that you still need to use previous versions of Windows 2000 in most organizations, select "Permissions compatible with previous versions of Windows 2000 Server"
Figure 6.6, click the " next "

input step 10 to the recovery directory administrator password mode, click the " next " step 11
installation wizard To display the summary information, click "Next" to start the installation as shown in Figure 6.7
Step 12 After the installation is complete, restart your computer.
Verifying Installation Results
After the installation is complete, you can verify that Active Directory is installed correctly by installing the service record (SRV record) in the DNS database.
1. Check DNS SRV record file
open the file with a text editor NetLogon.dns% systemroot% /system32 /config /in view of LDAP service records, in the present embodiment as

_ldap. _tcp.nt2000.com. 600 IN SRV 0 100 389 n2k_server.nt2000.com.
2. Verify that the SRV record is working properly in the NSLOOKUP command tool
Step 1 At the command prompt, enter NSLOOKUP
Step 2 Enter set type=srv
Step 3 Enter _ldap._tcp.nt2000.com
If the server name and IP address are returned, the SRV record is working fine

6.2.3 Installing the second domain Controller
After installing the first domain controller, its domain name is nt2000.com. In the above example, the server is used for the head office. If the company needs to expand its own, establish its own domain name and domain for the newly built factory. Controller, the user defines the factory domain name as man.nt2000.com, due to this The domain name and nt2000.com are consecutive domain names, so they form a directory tree. In the future, with the development of the factory, users can continue to add subdomains (such as accounting.man.nt2000.com) in this directory tree. If the domain name to be added is not contiguous with the directory tree (eg nt3000.com) then the user needs to create a new directory tree, which consists of multiple directory trees.
Before installing the second domain controller, first check its IP settings and DNS settings to ensure access to the domain controller (n2k_server.nt2000.com).
Step 1 Use the configuration server to start the Active Directory Installation Wizard DCPromo.exe located in %Systemroot%\\system32. As shown in Figure 6.4, click "Next"
Step 2 Since the user has established a domain controller in the domain, select "New domain domain controller" Click "Next" ;
Step 3 Select "Create a new subdomain in the existing domain tree", click "Next"
Step 4 Enter in the "Network Credentials" dialog box For the domain name of the primary domain and the username and password with administrator privileges, click "Next"
Step 5 Enter the parent domain name (nt2000.com) and subdomain in the "Subdomain installation" dialog box. The domain name (man) will automatically display man.nt2000.com in the subdomain full domain below. Click "Next"
Step 6 The installation wizard automatically sets the domain controller's NetBIOS name to "man" ;, users can also modify, click "Next"
Step 7 Display the save bits of the database, directory files and Sysvol files Generally do not have to be modified. Click "Next"

Step 8 Select default permissions for users and groups. Considering that you still need to use previous versions of Windows 2000 in most organizations, select "and previous versions of Windows 2000 Server Compatible permissions", click "Next"
Step 9 Click "Next" Start installation, after reboot, "Active Directory domain and trust at n2k_server.nt2000.com relation " is displayed in the new sub-field man.nt2000.com 6.8

FIG.