Domain controllers (DCs) host the directory service and perform the services that support
identity and access management in a Microsoft Windows enterprise. To this point in the
training kit, you have learned to support the logical and management components of an
Active Directory Domain Services (AD DS) infrastructure: users, groups, computers, and
Group Policy. Each of these components is contained in the directory database and in SYSVOL
on domain controllers. In this chapter, you will begin your exploration of the service-level
components of Active Directory, starting with the domain controllers themselves. You will
learn how to add Windows Server 2008 domain controllers to a forest or domain, how to prepare
a Microsoft Windows Server 2003 forest or domain for its first Windows Server 2008 DC,
how to manage the roles performed by DCs, and how to migrate the replication of SYSVOL
from the File Replication Service (FRS) used in previous versions of Windows to the Distributed
File System Replication (DFS-R) mechanism that provides more robust and manageable
replication.
Exam objectives in this chapter:
■ Configure a forest or a domain.
■ Configure Active Directory replication.
■ Configure operations masters.
Lessons in this chapter:
■ Lesson 1: Installing Domain Controllers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461
■ Lesson 2: Configuring Operations Masters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478
■ Lesson 3: Configuring DFS Replication of SYSVOL . . . . . . . . . . . . . . . . . . . . . . . . . . . 494
Before You Begin
To complete the practices in this chapter, you must have created a domain controller named
SERVER01 in a domain named contoso.com and a member server, with a full installation,
joined to the domain named SERVER02. See Chapter 1, “Installation,” for detailed steps for
this task.
Real World
Dan Holme
Active Directory enables you to configure a domain and a forest with a single domain
controller. But that’s not enough. Domain controllers provide functionality critical to the
identity and access management requirements of an enterprise, and if a domain controller
fails, you must have a way to provide continuity of service. That’s why it’s very important
to have at least two DCs in a domain. As soon as you start adding DCs to a domain,
you start needing to consider replication, and in this chapter, you’ll learn about one of
the exciting new features of Windows Server 2008: DFS-R of SYSVOL. FRS, used by previous
versions of Windows and supported by Windows Server 2008 for backward compatibility,
has been a notorious weak spot prone to problems and difficult to
troubleshoot. To take advantage of this feature, all domain controllers must be running
Windows Server 2008, so you’ll need to know how to prepare an existing forest for its
first Windows Server 2008 DC—another objective of this chapter. Finally, as you add
domain controllers to an enterprise, you need to consider the placement of single master
operations, which are special roles assigned to one DC in a forest or domain. By the time
you’re through with this chapter, you’ll have the skills to improve the redundancy, performance,
and manageability of multiple domain controllers in your enterprise.
Lesson 1: Installing Domain Controllers
In Chapter 1, you used the Add Roles Wizard in Server Manager to install Active Directory
Domain Services (AD DS). Then you used the Active Directory Domain Services Installation
Wizard to create the first DC in the contoso.com forest. Because DCs are critical to authentication,
it is highly recommended to maintain at least two domain controllers in each domain in
your forest to provide a level of fault tolerance in the event that one DC fails. You might also
need to add domain controllers to remote sites or create new domains or trees in your Active
Directory forest. In this lesson, you will learn user-interface, command-line, and unattended
methods for installing domain controllers in a variety of scenarios.
After this lesson, you will be able to:
■ Install a DC, using the Windows interface, Dcpromo.exe command-line parameters,
or an answer file for unattended installation.
■ Add Windows Server 2008 DCs to a domain or forest with Windows Server 2003
and Windows 2000 Server DCs.
■ Create new domains and trees.
■ Perform a staged installation of a read-only domain controller.
■ Install a DC from installation media to reduce network replication.
■ Remove a domain controller.
Estimated lesson time: 60 minutes
Installing a Domain Controller with the Windows Interface
If you want to use the Windows interface to install a domain controller, there are two major
steps. First, you must install the AD DS role, which, as you learned in Chapter 1, can be
accomplished using the Add Roles Wizard in Server Manager. After the AD DS role installation
has copied the binaries required for the role to the server, you must install and configure
AD DS by launching the Active Directory Domain Services Installation Wizard, using
one of these methods:
■ Click Start and, in the Start Search box, type dcpromo and click OK.
■ When you complete the Add Roles Wizard, click the link to launch the Active Directory
Domain Services Installation Wizard.
■ After adding the AD DS role, links will appear in Server Manager that remind you to run
the Active Directory Domain Services Installation Wizard. Click any of those links
আপনার জন্য আরও ভয়েস
Ads by ccnabd
ConversionConversion EmoticonEmoticon