Information Technology Reference
In-Depth Information
The next step is to choose the forest functional level. Microsoft has expanded Active
Directory's functionality with each successive server OS since Windows 2000. For the most
advanced features and security, you should choose the Windows Server 2008 functional level.
For the most backward compatibility with older domain controllers on the network, you should
choose Windows 2000. If you choose the Windows Server 2008 level, you can't run Windows
Server 2003 or Windows 2000 domain controllers. You can, however, still run older servers as
member servers.
You then have three additional options for the domain controller:
•
DNS server
—For the first domain controller in a new domain, DNS should be installed,
and this check box should be selected in most circumstances.
•
Global catalog
—For the first DC in a forest, this check box is selected and disabled
because the first DC in a new forest must also be a global catalog server (discussed in
Chapters 4 and 10).
•
Read-only domain controller (RODC)
—This check box is not selected by default, and it's
disabled for the first DC in the domain.
3
After you have made your choices, Windows might warn you about a DNS server not being
found, which is okay if you're going to install DNS during the Active Directory installation.
Next, you're asked for the location of the Active Directory database, log files, and Sysvol folder.
The
Sysvol folder
is a shared folder that stores the information from Active Directory that's
replicated to other domain controllers. Storing the database and log files on separate disks, if
possible, is best for optimal performance. Next, you're asked to enter a password for
Directory
Services Restore Mode
. This boot mode is used to perform restore operations on Active
Directory if it becomes corrupted or parts of it are deleted accidentally. That's it—Windows is
then ready to finish the AD DS installation. If you know you'll be installing other DCs, you can
export your answers to a file for use in an unattended installation. When the installation is fin-
ished, your server restarts, and then you have some new MMCs in the Administrative Tools
folder for configuring and managing Active Directory.
Activity 3-1: Installing Active Directory Domain Services
Time Required:
15 minutes
Objective:
Install AD DS as a new domain controller in a new forest.
Description:
After installing Windows Server 2008 successfully and completing the immediate
postinstallation tasks, you decide to install Active Directory Domain Services. This server will be
the first DC in a new forest. (Because the entire class is also installing AD DS, make sure your
domain names don't conflict.) In addition, you decide to install the DNS Server role as part of
the installation because DNS is required for Active Directory functionality.
Server and domain names are indicated in several activities with “XX” as
part of the name. Whenever you see the “XX,” replace it with your stu-
dent number, which your instructor assigns.
1. Start your server and log on as Administrator, if necessary. If the Initial Configuration Tasks
applet starts, click the
Do not show this window at logon
check box, and then close the
window. Server Manager should start. If it doesn't, click the
Server Manager
icon on the
Quick Launch toolbar.
2. In the Server Summary section of Server Manager, verify that your server name is ServerXX.
3. Click the
Roles
node in the left pane, and then click
Add Roles
. The next window is infor-
mational and warns you to be sure the Administrator account has a strong password, your
network settings are configured, and the latest security updates are installed. Click
Next
.
4. In the Select Server Roles window, click
Active Directory Domain Services
, and then click
Next
.
Search WWH ::
Custom Search