Creating a New Domain in a New Forest

1. Log on as a local Administrator.

3. Type dcpromo.

4. Click OK to start the Active Directory Installation Wizard.

5. In the Welcome to the Active Directory Installation Wizard window, click Next as shown in Figure 4.4.

Figure 4.4 The Welcome Dialog Box for dcpromo

Figure 4.4 The Welcome Dialog Box for dcpromo

6. In the Operating System Compatibility window, click Next as shown in Figure 4.5.

Figure 4.5 The Operating System Compatibility Dialog Box for dcpromo

Active Directory Installation Wizard

Opeiating System Compatibility

Improved security settings in Windows Seiver 2003 affect older versions of Windows.

Domain controllers running Windows Server 2003 implement security settings that require clients and other servers to communicate with those domain controllers in a more secure way.

T he following older veisions of Windows cannot meet the new requirements:

By default, computers running those versions of Windows will not be able to log on with a domain controller running Windows Server 2003 oi access domain resources.

For more information, see Compatibility Help.

7. In the Domain Controller Type window, click Domain controller for a new domain | Next as shown in Figure 4.6.

Figure 4.6 The Domain Controller Type Dialog Box Used for a New DC in a New Domain

Active Directory Installation Wizard

Domain Contioller Type

Specify the role you want this server to have.

Do you want this server to bec< additional domain controller for

Ouin rij-iwijl^riur^ •'ir;-; Select this option to create This seiver will become the a domain controller for a new domain or an listing domain?

iew child domain, new domain tree, or new forest. :t domain controller in the new domain.

C Additional domain controller for an existing domain

/j\ Proceeding with this option will delete all local accounts on this server.

All cryptographic keys will be deleted and should be exported before continuing.

All encrypted data, such as EFS-enciypted files or e-mail, should be decrypted before continuing or it will be permanently inaccessible.

I Next > I Cancel

8. In the Create New Domain window, click Domain in a new forest | Next as shown in Figure 4.7.

Figure 4.7 The Create New Domain Dialog Box Used for Creating a New Domain in a New Forest

Figure 4.7 The Create New Domain Dialog Box Used for Creating a New Domain in a New Forest

9. In the New Domain Name window, type the full DNS domain name for the new domain, and click Next as shown in Figure 4.8.

Figure 4.8 The New Domain Name Dialog Box Used for Creating a New Domain in a New Forest

Figure 4.8 The New Domain Name Dialog Box Used for Creating a New Domain in a New Forest

10. In the NetBIOS Domain Name window, verify the NetBIOS name and click Next as shown in Figure 4.9. The default name is generally the best one to use.

Figure 4.9 The NetBIOS Domain Name Dialog Box for dcpromo

Figure 4.9 The NetBIOS Domain Name Dialog Box for dcpromo

11. In the Database and Log Folders window, type or browse to the location where you want the database and log folders. Click Next as shown in Figure 4.10.

Figure 4.10 The Database and Log Folders Dialog Box for dcpromo

Figure 4.10 The Database and Log Folders Dialog Box for dcpromo

12. In the Shared System Volume window, type or browse to the location where you want the SYSVOL folder. Click Next as shown in Figure 4.11.

Figure 4.11 The Shared System Volume Dialog Box for dcpromo

Figure 4.11 The Shared System Volume Dialog Box for dcpromo

13. In the DNS Registration Diagnostics window, verify an existing DNS server to be authoritative for this new forest, or click Install and configure the DNS server on this computer, and set this computer to use this DNS server as its preferred DNS server. Click Next as shown in Figure 4.12.

Figure 4.12 The DNS Registration Diagnostics Window with No Current DNS Server Available

Active Directory Installation Wizaid

DNS Registration Diagnostics

Verity DNS support, oi install DNS on this computer.

Diagnostic Results

The registration diagnostic has been run 1 time.

used by this computer responded within the timeout e of the DNS interval.

note information, including steps to correct this problem, see Help. Details

The SOA query for_ldap._tcp.dc._msdcs.Dogs.com to find the primary DNS serve f I have corrected the problem. Perform the DNS diagnostic test again.

i* Install and configure the DNS server on this computer, and set this computer tc this DNS server as its preferred DNS server. I will correct the problem later by configuring DNS manually. (Advanced]

14. In the Permissions window, you have two options: Permissions compatible with pre-Windows 2000 server operating systems and Permissions compatible only with Windows 2000 or Windows Server 2003 operating systems. Select one, and then click Next as shown in Figure 4.13.

Figure 4.13 The Permissions Dialog Box for dcpromo

Figure 4.13 The Permissions Dialog Box for dcpromo

15. In the Directory Services Restore Mode Administrator Password window, input and confirm the password for the Directory Services Restore Mode. Click Next as shown in Figure 4.14.

Figure 4.14 The Directory Services Restore Mode Administrator Password Dialog Box for dcpromo

Figure 4.14 The Directory Services Restore Mode Administrator Password Dialog Box for dcpromo

16. Read the Summary window. Click Next as shown in Figure 4.15. The installation will continue for several minutes.

17. Restart your new DC.

18. Verify that the installation was successful. Open a command prompt and enter the Net Share command. It should report the existence of the Netlogon and SYSVOL shares. To verify that the DNS service locator records for the new DC were successfully created, follow these steps:

1. Click Start | Administrative Tools | DNS to start the DNS administrator console.

2. Expand the server name.

3. Expand Forward Lookup Zones.

4. Expand the domain.

5. Verify that the _msdcs, _sites, _tcp, and _udp folders are present and contain records for your new DC. These service location records are crucial to the operation of the DC. See Table 4.7 for a more detailed description of the required records, and Figure 4.16 for a view of the DNS administrator tool used to view them.

Figure 4.15 The Summary Window Describing the Forest Root

Figure 4.15 The Summary Window Describing the Forest Root

Figure 4.16 The DNS Administrator Tool Used to Verify a Successful Forest-Root Installation

Creating a New Domain Tree in an Existing Forest

This will often be the second domain that you install, as shown in Figure 4.17.This type of arrangement accommodates a forest comprised of two different company divisions, or two companies within a larger corporation. Domains are used as boundaries for security and administration.With the procedure in Exercise 4.06, you will simultaneously create your first nonroot top-level domain, and the second tree in your forest. Note that a new bidirectional, transitive trust is automatically created with the forest root.

Figure 4.17 Creating a New Domain Tree in an Existing Forest

Dogs.com

Figure 4.17 Creating a New Domain Tree in an Existing Forest

Dogs.com

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment