Active Directory Installation

  

I know this is an old subject, but still I 'm getting queries like:

 

How can I install Active Directory on my Server 2003 box?
I have installed Active Directory but client login is too slow?

So I thought to write about the installation of DNS and Active Directory Service and making the server a Domain Controller.

 

 

Prerequisites

1. Connect the Server to a switch with straight through cable or to another computer with cross-over cable. If a physical layer connection is not detected you cannot run DCPROMO command for AD installation.
2. Make sure your OS partition is NTFS. If it is FAT, convert to NTFS using the CONVERT command.

           C:\> CONVERT c: /FS:NTFS (assumes that your OS is installed in C drive)

 

Prepare your Server for AD

 

This is the details I ‘m using for the setup:

Computer Name : vmw2k

IP Address : 192.168.1.100

Subnet Mask : 255.255.255.0

Default Gateway : 192.168.1.1 (assign your router’s LAN interface IP address here / if you are not sure, leave this field blank for the time being)

 

Preffered DNS Server: 192.168.1.100

Alternate DNS Server: Leave this blank

Domain Name : mycompany.net

 

• Right-click on ‘My Computer’ icon on desktop and select properties.
• Select ‘Computer Name’ tab. Click ‘Change’ button.

  

  

• Click ‘More’ button.
• Enter ‘mycompany.net’ for ‘Primary DNS suffix of this computer’
• Keep the check box ‘Change primary DNS suffix…’ checked.

• Click OK and restart your computer to accept the changes.

IP Address Assignment

 

A proper IP address and DNS server setup is required for AD installation. So let’s get started with IP assignment.

• Open Network properties (Start -> Run -> ncpa.cpl -> OK)
• Select Internet Protocol (TCP/IP) and click ‘Properties’
• Set the IP Address and other details as follows:

 

DNS Server Installation

• Insert the Server 2003 CD
• Open Add or Remove Programs (Start-> Run -> appwiz.cpl -> OK
•  Click Add/Remove Windows Components. From the components list, select 'Networking Services' and click 'Details'
• From the Networking Services screen, check 'Domain Name System (DNS)' and click OK
• Click Next to continue the installation (Windows Server 2003 required for this step)
• Click Finish and close Add or Remove Programs

 DNS configuration

 

Click Start -> Programs -> Administrative Tools -> DNS and open DNS Management console. You can see a snap-in with ‘Configure a DNS Server’ message

 

Expand the computer name and select ‘Forward Lookup Zone’

 

 

 

Right-Click on ‘Forward Lookup Zone’ and select ‘New Zone…’ command

Click Next in the ‘Welcome to the new Zone wizard’ dialog.

 

For zone type, select ‘Primary zone’ option and click Next

  

 

 

For Zone Name, type ‘mycompany.net’ and click Next

 

For Zone File, accept the default zone name (mycompany.net.dns) and click Next

 

For Dynamic Update, select ‘Allow both nonsecure and secure dynamic updates’ and click Next

 

Click Finish.

 

Now your forward lookup zone is created, you can see ‘mycompany.net’ under ‘Forward Lookup Zone’

 

 

Right-Click on ‘Reverse Lookup Zone’ and select ‘New Zone…’ command and click Next

 

For zone type, select ‘Primary zone’ option and click Next

 

At the ‘Reverse Lookup zone name’ screen, enter Network ID : 192.168.1 and click Next

 

 

For Zone File, accept the default zone name (1.168.192.in-addr.arpa.dns) and click Next

 

For Dynamic Update, select ‘Allow both nonsecure and secure dynamic updates’ and click Next

 

Click Finish.

 

 Now our Forward and Reverse Lookup zones are ready. Next we need to create a Host Record for our Domain Controller. For this, right-click on the zone ‘mycompany.net’ and select ‘New Host (A)…’ command.

 

 

 

You will get ‘New Host’ dialog, enter the values as follows:

Name : vmw2k3 (or whatever the name of your server)

IP Address : 192.168.1.100

Check ‘Create associated pointer record’ check box.

 

 

Click ‘Add Host’. And click ‘Done’

 

 

Refresh both zones, you can see the newly created Host (A) record of your server under Forward Lookup zone and the associated Pointer (PTR) record under Reverse Lookup zone

 

 

Verify your DNS installation from Windows command line by pinging with the computer's NETBIOS name (vmw2k3) and Fully Qualified Domain Name (vmw2k3.mycompany.net).

 

Start -> Run -> CMD -> OK

 

C:\> PING vmw2k3

C:\> PING vmw2k3.mycompany.net

 

Both PING commands should resolve Server's IP address to 192.168.1.100 without errors if your DNS setup is correct.

 

Now check with NSLOOKUP command line tool.

 

C:\> nslookup

> vmw2k3

 

> vmw2k3.mycompany.net

>exit

 

 

Both NSLOOKUPs should resolve your server's IP address.  Now you can continue with AD installation.

Active Directory Installation

 

 

For installing the active directory, we need to make the server a Domain Controller. For this, Click Start -> Run -> dcpromo -> OK

 

Click Next twice

 

For Domain Controller Type, accept the default option ‘Domain Controller for a new Domain’ and click Next.

 

Type of Domain : ‘Domain in a new Forest’. Click Next

 

For Full DNS Name for new domain, enter ‘mycompany.net’ and click Next

 

At the screen, DCPromo will search and check whether the netbios name MYCOMPANY already exists on the network. If it not exists, DCPROMO will come up with MYCOMPANY as domain NETBIOS name.

 

Accept the default Database and Log folder locations and click Next.

 

 

Accept the Shared System Volume location and click Next.

 

 

If DNS and all other things are fine, you will get a successful message at the diagnostics screen.

 

Click Next

 

For Permission, accept the default option.

 

 

Enter a password for Directory Service Restore Mode and click Next

 

 

Click Next to start the installation

 

 

Click Finish to complete the installation

 

 

DCPromo will prompt to restart. After the restart you can verify the installation by checking the following things:

 

i. Right-click on My Computer icon on desktop, select ‘Manage’ command to open Computer Management snap-in. You can see your ‘Local Users and Groups’ disappeared from Computer Management. (It is replaced by Active Directory Users and Computers)

 

ii) If the installation was successful, you can see the following snap-ins under Start -> Programs -> Administrative Tools

a. Active Directory Users and Computers

b. Active Directory Sites and Services

c. Active Directory Domains and Trusts

 

DNS and Active Directory is up and running.  Now integrate the DNS to Active Directory and accept secure dynamic updates only.  For this:

1. 
   
   Open DNS management snap-in  from Program Files -> Administrative Tools -> DNS
   
   
   
    
2. 
   
   Expand Forward Lookup zone and select 'mycompany.net' zone.
   
   
   
    
3. 
   
   Right-click on 'mycompany.net' and select Properties.
   
   
   
    
4. 
   
   On the General tab, click 'Change' button.
   
   
   
    
5. 
   
   In the 'Change zone type' dialog box, check 'Store zone in Active Directory' check box
   
   
   
    
6. 
   
   Click OK and confirm by clicking 'Yes'.
   
   
   
    
7. 
   
   Select 'Secure only' option for Dynamic updates and click OK.
   
   
   

• 
  
  Expand Reverse Lookup zone and select 'mycompany.net' zone.
  
  
  
• 
  
  Right-click on '192.168.1.x Subnet' zone and select Properties.
  
  
  
• 
  
  Repeat the step 4 to 7
  
  
  

To manage your domain user accounts and computers use Active Directory Users and Computers console.

 

 

101 Run Commands

Applications

• calc                                 Calculator
• notepad                           Notepad
• mspaint                           Paint
• wordpad                         Wordpad
• charmap                         Character Map
• clipbrd                            Clipboard Viewer
• drwtsn32                        Dr. Watson System Troubleshooting Utility
• osk                                 On Screen Keyboard
• mstsc                              Remote Desktop
• winword                         Microsoft Word (If Installed)
• excel                               Microsoft Excel (If Installed)
• wmplayer                       Windows Media Player
• sndrec32                        Sound Recorder
• iexplore                          Internet Explorer

Control Panel Applets

• access.cpl                                   Accessibility Controls
• hdwwiz.cpl                                 Add Hardware Wizard
• appwiz.cpl                                  Add/Remove Programs
• control admintools                       Administrative Tools
• wuaucpl.cpl                               Automatic Updates
• timedate.cpl                               Date and Time Properties
• directx.cpl                                  Direct X Control Panel (If Installed)
• control desktop                          Display Properties
• desk.cpl                                     Display Properties
• findfast.cpl                                  Findfast
• control folders                            Folders Options
• control fonts                               Fonts
• fonts Fonts                                 Folder
• joy.cpl Game                              Controllers
• inetcpl.cpl                                  Internet Properties
• control keyboard                        Keyboard Properties
• control mouse                            Mouse Properties
• main.cpl                                     Mouse Properties
• control netconnections                Network Connections
• ncpa.cpl                                     Network Connections
• netsetup.cpl                               Network Setup Wizard
• odbccp32.cpl                            ODBC Data Source Administrator
• password.cpl                             Password Properties
• telephon.cpl                                Phone and Modem Options
• powercfg.cpl                             Power Configuration
• control printers                          Printers and Faxes
• intl.cpl                                       Regional Settings
• sticpl.cpl                                   Scanners and Cameras
• control schedtasks                     Scheduled Tasks
• wscui.cpl                                  Security Center
• control color                             Select Appearance Tab in Display Properties
• mmsys.cpl                                 Sounds and Audio
• firewall.cpl                               Windows Firewall

Administrative Tools Snap Ins

• compmgmt.msc                        Computer Management
• devmgmt.msc                           Device Manager
• eventvwr.msc                           Event Viewer
• gpedit.msc                               Group Policy Editor (XP Prof)
• secpol.msc                               Local Security Settings
• lusrmgr.msc                              Local Users and Groups
• perfmon.msc                            Performance Monitor
• perfmon                                   Performance Monitor
• ntmsmgr.msc                            Removable Storage
• rsop.msc                                  Resultant Set of Policy
• services.msc                             Services
• fsmgmt.msc                              Shared Folders
• dsa.msc                                   Active Directory Users and Computers (Windows Server / Active Directory / Admin Tools)
• admgmt.msc                            Active Directory Management snap-in
• dnsmgmt.msc                           DNS snap-in
• domain.msc                             Active Directory Domains and Trusts snap-in
• gpmc.msc                                Group Policy Management Console (If Installed)
• inetmgr                                     IIS Manager

 Disk Utilities

• Chkdsk                             Check Disk Utility
• cleanmgr                            Disk Cleanup Utility
• dfrg.msc                            Disk Defragment
• diskmgmt.msc                    Disk Management
• diskpart                             Disk Partition Manager
• ntbackup                           Backup Utility

System Maintenance Utilities

• msconfig                         System Configuration Utility
• regedit                            Registry Editor
• regedit32                        Registry Editor
• verifier                            Driver Verifier Utility
• Sigverif                           File Signature Verification Tool
• sfc /scannow                   System File Checker Utility (Scan Immediately)
• sfc /scanonce                  System File Checker Utility (Scan Once At Next Boot)
• sfc /scanboot                  System File Checker Utility (Scan On Every Boot)
• sfc /revert                       System File Checker Utility (Return to Default Setting)
• sfc /purgecache               System File Checker Utility (Purge File Cache)
• sysedit                            System Configuration Editor

Network Troubleshooting

• ipconfig /all                       IP Configuration (Display Connection Configuration)
• ipconfig /displaydns          IP Configuration (Display DNS Cache Contents)
• ipconfig /flushdns              IP Configuration (Delete DNS Cache Contents)
• ipconfig /release               IP Configuration (Release All Connections)
• ipconfig /renew                IP Configuration (Renew All Connections)
• ipconfig /registerdns          IP Configuration (Refreshes DHCP & Re-Registers DNS)

Games

• Freecell                      Free Cell Card Game
• mshearts                    Hearts Card Game
• Winmine                    Minesweeper Game
• Spider                       Spider Solitare Card Game

Others

• cmd                                   Command Prompt
• dxdiag                               Direct X Troubleshooter
• logoff                                 Logs You Out Of Windows
• shutdown -s                       Shuts Down Windows
• shutdown -i                       Remote Shutdown Dialog
• shutdown -l                        Logs You Out Of Windows
• shutdown -r                       Restart the Computer
• systeminfo                         Machine specific properties and configuration
• set                                     Get / Set Windows environment variables