Creating a New Child Domain in an Existing Domain

1. Log in as a local Administrator.

3. Type dcpromo.

4. Click OK to start the Active Directory Installation Wizard.

5. In the Welcome to the Active Directory Installation Wizard window, click Next.

6. In the Operating System Compatibility window, click Next.

7. In the Domain Controller Type window, click Domain controller for a new domain | Next, as shown in Figure 4.23.

Figure 4.23 The Domain ControllerType Dialog Box Used for a New Child Domain in an Existing Domain

Figure 4.23 The Domain ControllerType Dialog Box Used for a New Child Domain in an Existing Domain

8. In the Create New Domain window, click Child Domain in an existing domain tree | Next, as shown in Figure 4.24.

Figure 4.24 The Create New Domain Dialog Box Used for a New Child Domain in an Existing Domain

Figure 4.24 The Create New Domain Dialog Box Used for a New Child Domain in an Existing Domain

9. In the Network Credentials window, type in the username, password, and domain name of an Enterprise Administrator in the forest-root domain, or a Domain Admin in the parent domain, and click Next.

10. In the Child Domain Installation window, verify the parent domain and type the name of the new child domain. Click Next, as shown in Figure 4.25.

Figure 4.25 The Child Domain Installation Dialog Box Used for a New Child Domain in an Existing Domain

Figure 4.25 The Child Domain Installation Dialog Box Used for a New Child Domain in an Existing Domain

In the NetBIOS Domain Name window, verify the NetBIOS name and click Next. The default name is generally the best one to use.

In the Database and Log Folders window, type or browse to the location where you want the database and log folders. Click Next.

In the Shared System Volume window, type or browse to the location where you want the SYSVOL folder. Click Next.

In the DNS Registration Diagnostics window, check to see if the DNS settings are correct for the parent domain. Click Next, as shown in Figure 4.26.

Figure 4.26 The DNS Registration Diagnostics Dialog Box Used for a New Child Domain in an Existing Domain

15. In the Permissions window you have two options: Permissions compatible with pre-Windows 2000 server operating systems and Permissions compatible only with Windows 2000 or Windows Server 2003 operating systems. Select one, and then click Next.

16. In the Directory Services Restore Mode Administrator Password window, input and confirm the password for the Directory Services Restore Mode. Click Next.

17. Read the Summary window. Click Next, as shown in Figure 4.27. The installation will continue for several minutes.

Figure 4.27 The Summary Dialog Box for a New Child Domain in an Existing Domain

Figure 4.27 The Summary Dialog Box for a New Child Domain in an Existing Domain

18. Restart your new DC.

19. Verify that the installation was successful. Open a command prompt and enter the Net Share command. It should report the existence of the Netlogon and SYSVOL shares. To verify that the DNS service locator records for the new DC were successfully created, follow these steps:

1. Click Start | Administrative Tools | DNS to start the DNS administrator console.

2. Expand the server name.

3. Expand Forward Lookup Zones.

4. Expand the domain.

5. Verify that the _msdcs, _sites, _tcp, and _udp folders are present and contain records for your new DC. These service location records are crucial to the operation of the DC. See Table 4.7 for more a more detailed description of the required records, and Figure 4.16 for a view of the DNS administrator tool used to view them.

What If dcpromo Fails?

There are a few things to check for after a failure of the Active Directory Installation Wizard. First, check the contents of the %SystemRoot%\Debug\Dcpromo.log file.

■ If the log file reports that The system cannot find the file specified, then check for the presence of the %SystemRoot%\System32\Ntds.dit file. This is a default directory services file on a member server. The way to fix this is to expand Ntds.di_ from any server CD. Note that this file should be in the System32 folder on a member server. Once you run a successful dcpromo, the active Ntds.dit file will be in the folder you specified during the promotion.

■ If you receive an Access is denied error, check for incorrect permissions on the default Ntds.dit file, as well as on your new and existing NTDS folders.

■ If SRV records fail to show up in the appropriate DNS zone, check first to see if the new DC's Primary DNS Server TCP/IP property is set to the correct DNS server. If the DC is a DNS server, then this value should point to itself.

Creating a New DC in an Existing Domain

This is the only situation where you will run the Active Directory Installation Wizard without creating a new domain. See Exercise 4.08 for the necessary steps. Usually, you will need to perform this procedure when your domain has grown to the point that it needs additional DCs to spread the workload.

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment