Resources               Configuration
IP Address              10.10.20.24
Subnet Mask             255.255.252.0
Default Gateway         10.10.20.1
Preferred DNS Server    10.10.20.21
Alternate DNS Server    <null>

4. Install DNS. Log on to the server designated to become the root DC (CHRDC01) as Administrator and install DNS on this server. To do so, open the Control Panel and select Add or Remove Programs → Add/Remove Windows Components, which launches the Windows Components Wizard. Select Networking Services in the wizard and click the Details button. In the Networking Services dialog box, check the option to install Domain Name System (DNS). Complete the procedures and, when prompted by the installation procedure for the Windows Server operating system CD, either provide a CD or browse to the I386 folder under the install shares on the support server. Complete the process to install DNS on the server. You can now repeat the process for all hub root domain controllers.

5. Create the Forest Root Zone on CHRDC01 by using the following steps:

Note: This process cannot be repeated on CHRDC02 or any other root server destined to become a DC.

a. Start up DNS and right-click the CHRDC01 icon.

b. Select New Zone. The New Zone Wizard will now launch. Click Next.

c. Select the option to create a Primary Zone and click Next.

d. Select Forward Lookup Zone and click Next.

e. Enter MCITY.CTY as the name of the zone and click Next.

f. Keep the default DNS filename (it should be MCITY.CTY.DNS) for the zone filename and click Next.

g. If prompted for Dynamic Update configuration, choose the option to allow Dynamic Updates. Click Next.

h. Complete the process by selecting Finish.

6. Create the reverse lookup zone on CHRDC01 by using the following steps:

a. Open the DNS console and expand the CHRDC01 server icon.

b. Select Reverse Lookup Zones and click New Zone. The New Zone Wizard will launch.

c. Select options for a Primary non-integrated zone and click Next.

d. Enter the IP address range for the zone (this is the 10.10.20.X network).

e. Click Next and select the options to allow a dynamic update.

f. Complete the process by selecting Finish.

7. Create the forest root domain controller on CHRDC01 by using the following steps:

a. Click Start → Run and type DCPROMO on CHRDC01.

b. Choose the options for creating a root domain controller in a new forest.

c. Choose the root domain name as the full DNS Name for the new domain (MCITY.cty).

d. Accept the default NETBIOS name of MCITY.

e. Choose the default path for the SYSVOL folder on the RAID-5 array. However, the drive letter should point to the RAID-5 array on D:\, E:\, or F:\, and not C:\ (for example E:\Windows\...). Choose the path options provided for the NTDS Active Directory database and its log files, changing only the drive letters to point to the RAID-5 volume as mentioned.

f. Accept permissions compatible with Windows 2000 and Windows Server 2003.

g. Enter the Directory Services Restore Mode Administrator password. This should be a complex password. Choose "[email protected]" (without the quotation marks). Remember that the server's local Administrator password will become the password required to log on to the DC after promotion.

h. Review the settings and then click Finish to begin the process. Restart the server when prompted.

8. Enable Active Directory integration of the forest root zone and the reverse lookup zone.

To enable AD integration for the root zone, follow these steps:

a. Open the DNS console and expand the root server CHRDC01 icon.

b. Expand the Forward Lookup Zones folder and select the MCITY.cty zone. Right-click this zone and then select Properties.

c. The Properties dialog box for MCITY will open. On the General tab, select the Change button on the Type option. The Change Zone Type dialog box will launch.

d. Select the option to change the zone to Active Directory Integrated and click OK.

e. Perform the same procedure on the Reverse Lookup Zone folder.

9. Verify CHRDC01 name registration by performing the following actions:

a. Open the DNS console and expand the root server CHRDC01 icon.

b. Expand the Forward Lookup Zones folder and expand the MCITY.cty zone.

c. Verify that the _msdcs, _sites, _tcp, and _udp subdomains are registered under MCITY.cty.

d. If the preceding subdomains are not registered, then start a command prompt and type NET STOP NETLOGON. Wait for the service to stop and then type NET START NETLOGON.

e. Repeat Steps a through c to verify the registration.

f. Verify that the Reverse Lookup Zone has replicated.

10. Verify DNS name resolution on CHRDC02. Before CHRDC02 can be promoted as a root DC, you must first verify DNS:

a. Log on to CHRDC02 as the domain Administrator.

b. Open the command prompt, type NSLOOKUP MCITY.CTY, and press Enter. You should now see the following result in the console:

C:\>nslookup MCITY.cty
Server: CHRDC01.MCITY.CTY
Address: 10.10.20.21

Name: MCITY.CTY
Address: 10.10.20.21

If you do not see this result, confirm that the IP settings on CHRDC02 are correct. It should have CHRDC01 (10.10.20.21) as its preferred DNS server.

If you do not have DNS working properly, you cannot proceed with DCPROMO of any other server.

11. DCPROMO CHRDC02 as follows:

a. Click Start → Run and type DCPROMO on CHRDC02.

b. Choose the option "Additional domain controller for an existing domain" and then click Next.

c. You will now be prompted for access to the root domain. Choose the Administrator account because this account has Enterprise Administrator credentials. (See Step 7g for account and password information.)

d. Choose the default path for the SYSVOL folder on the RAID-5 array. However, the drive letter should point to the RAID-5 array on D:\, E:\, or F:\, and not C:\. Choose the path options provided for the NTDS Active Directory database and its log files, changing only the drive letters to point to the RAID-5 volume as mentioned previously.

e. You must now enter the Directory Services Restore Mode Administrator password for this server. This should be a complex password. Choose something like "[email protected]" (without the quotation marks). DCs can and should have the same Directory Services Restore Mode Administrator password to simplify administration.

f. Review the settings and then click Finish to begin the process. Restart the server when prompted.

12. Verify CHRDC02 name registration as follows:

a. Open the DNS console and expand the root server CHRDC02 icon.

b. Expand the Forward Lookup Zones folder and expand the MCITY.cty zone.

c. Verify that the _msdcs, _sites, _tcp, and _udp subdomains are registered under MCITY.cty.

d. If these subdomains are not registered, then start a command prompt and type NET STOP NETLOGON. Wait for the service to stop and then type NET START NETLOGON.

e. Repeat Steps a through c to verify the registration.

f. Verify that the Reverse Lookup Zone has replicated.
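The subdomain check in steps 9c and 12c can also be made from a command prompt. The batch file below is an added example, not part of the original procedure: it asks the DNS server for one or more SRV records under each of the _msdcs, _sites, _tcp, and _udp subdomains and reports any that do not resolve. The site name Default-First-Site-Name is an assumption (the default for a new forest); the domain and addresses are the ones used in this procedure.

```batch
@echo off
rem Added example: verify the DC locator SRV records checked in steps 9c and 12c.
rem Optional argument: IP address of the DNS server to query.
setlocal
set DOMAIN=MCITY.CTY
rem Default to CHRDC01, the address nslookup reports in step 10.
set DNSSERVER=10.10.20.21
if not "%~1"=="" set DNSSERVER=%~1
rem Assumption: the site has not been renamed from the new-forest default.
set SITE=Default-First-Site-Name
set FAILED=0

rem _tcp and _udp subdomains
call :check _ldap._tcp.%DOMAIN%
call :check _kerberos._tcp.%DOMAIN%
call :check _kerberos._udp.%DOMAIN%
rem _msdcs subdomain
call :check _ldap._tcp.dc._msdcs.%DOMAIN%
rem _sites subdomain
call :check _ldap._tcp.%SITE%._sites.%DOMAIN%

if %FAILED%==1 goto :missing
echo All locator records resolved on %DNSSERVER%.
exit /b 0

:missing
echo One or more records are missing on %DNSSERVER%.
echo On the domain controller, run NET STOP NETLOGON and then NET START NETLOGON,
echo then run this check again.
exit /b 1

:check
rem nslookup prints a "svr hostname" line for every SRV record it finds.
nslookup -type=SRV %1 %DNSSERVER% 2>nul | find /i "svr hostname" >nul
if errorlevel 1 (
    echo MISSING  %1
    set FAILED=1
) else (
    echo OK       %1
)
goto :eof
```

Pass 10.10.20.24 as the argument to repeat the check against CHRDC02 after step 12.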

13. Update the preferred DNS parameters on CHRDC01. Log on to CHRDC01 and open the TCP/IP properties for the NIC. Change the preferred DNS server from 10.10.20.21 to 10.10.20.24.

14. Create Automated System Recovery Media (ASR) for the domain controllers. Creation of the root domain and promotion of the first domain controllers is now complete. System recovery using ASR media must now be performed on the domain controllers. ASR is described in Chapter 21.
