Understanding Active Directory:
Active Directory (AD) is a directory service implemented by Microsoft Corporation for Windows domain networks. It is in fact a special-purpose database that stores a large amount of information. This data is hierarchical, replicated, and extensible. Typical examples of data stored in the directory include printer queue data, user contact data, and network/computer configuration data. The Active Directory database consists of objects and attributes. Object and attribute definitions are stored in the Active Directory schema. Let us look at how to set up Active Directory on Windows Server 2008 R2, starting with the prerequisites.
1. Make sure that you have a valid domain name to assign to your domain (e.g. Server.com).
2. A properly configured and available DNS server. If you do not have one, you can set up DNS during this installation process itself. (In this scenario I am using a local DNS server and installing it during the AD configuration itself.)
3. Make sure that a proper static IP address is assigned to the server; this is going to be the DNS server IP for your network.
4. Microsoft .NET Framework 3.5.1 must be installed; this can also be done during the installation process.
5. The local administrator account must have a complex and strong password set.
Make sure that you have met all these prerequisites, or you may face issues during the different phases.
Installation and configuration
In order to configure AD, the feature must first be installed on your server.
1. Open Server Manager -> select ‘Roles’ -> Add Roles.
2. You will now get an introduction window that points out some basic prerequisites. Make sure that you have met all of them and click ‘Next’.
3. The next window lists all the roles that can be installed on this server. These roles may differ based on your operating system edition (like Professional, Enterprise and Ultimate…). Since we want to set up the network to manage users and network-related data, select the option ‘Active Directory Domain Services’. Since I had not installed .NET Framework 3.5.1, selecting the role prompted me to add the .NET Framework as well. Just click ‘Add Required Features’ and then click ‘Next’.
4. You will now see an introduction window that gives some details about AD. Read it, and if you would like to know more, use the links, which redirect you to Microsoft articles. Click ‘Next’.
5. You will now see the confirmation window, which gives the details of what will be installed. Click ‘Install’ to start the installation.
6. Wait until the installation completes; an installation window will show you its status. Make sure that it succeeded and click ‘Close’.
7. With these steps we have completed the installation of the AD role on the server. Please note that until you configure it, the services ‘Active Directory Domain Services’, ‘Netlogon’, ‘Intersite Messaging’ and ‘Kerberos Key Distribution Center’ will be stopped.
8. In order to configure the AD service, open the ‘Run’ dialog and type ‘dcpromo.exe’, which launches the AD configuration wizard.
9. You will now see the ‘Welcome’ window and the ‘Operating System Compatibility’ window. Press ‘Next’ on both windows to continue.
10. Since this is my first domain controller (DC), I need to configure a new domain and a new forest, so select the option ‘Create a new domain in a new forest’ and click ‘Next’.
11. Now you need to specify the ‘Fully qualified domain name (FQDN)’ required for your network. Type it and click ‘Next’.
12. The wizard will ask you to define the ‘Functional level’ that you require for your domain. Based on your selection you can view the features of each functional level. A higher functional level means more features. Select as per your choice and click ‘Next’. (You can also raise the functional level after configuration, but we recommend that you choose the one that best suits your network now.)
13. Next, it will ask you for additional domain controller options. Since this is the first domain in your network, the DC must be a ‘Global catalog (GC)’ and cannot be a ‘Read-only domain controller’, so you will not be able to edit these two options. Since I need a DNS server and do not have this service installed on my network, I am selecting this service to be installed. Now click ‘Next’.
14. This may prompt you with another dialogue box; click ‘Yes’ to continue. This appears because there was no DNS service installed in the network.
15. The next window will ask you for the locations where the database, log files and SYSVOL are to be saved. We recommend that you keep the default locations and continue.
16. Consider a situation in which your AD DC data has become corrupted, or you have accidentally deleted some objects, and you want to restore the correct data from your backup. You may then need to boot your server in ‘Directory Services Restore Mode’. In order to complete this operation you must supply a password, which is specified during this installation. Specify it and make a note of it, as you will need it in future when using restore mode.
17. You will now see a summary window; clicking ‘Next’ will start the installation as you defined it. Before doing so, you can export the settings that you have defined (from the summary window). Keeping a copy gives you a record of the configuration you chose for your AD DC and will be useful later.
18. Once it is configured, you will see a completion window. Click ‘Finish’ on this window.
19. To complete the process you must restart your server, so click ‘Restart Now’ on the next window.
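The prerequisites and the end state described above can be checked from PowerShell on the server. This is an added example, not part of the original article; the function names are hypothetical, while NTDS, Netlogon, IsmServ and kdc are the short names of the four services listed in step 7 and NET-Framework-Core and AD-Domain-Services are the Server Manager feature names.

```powershell
# Added example (not from the original article). Run elevated on the server.
Import-Module ServerManager

function Test-DcPrerequisites {
    # Prerequisite 3: the DNS/DC address must be static, so flag DHCP adapters.
    $nics = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled = TRUE")
    foreach ($nic in $nics) {
        New-Object PSObject -Property @{
            Check  = "Static IP on '$($nic.Description)'"
            Detail = ($nic.IPAddress -join ', ')
            Passed = (-not $nic.DHCPEnabled)
        }
    }
    # Prerequisite 4 and the role added in steps 1-6, by feature name.
    foreach ($f in (Get-WindowsFeature -Name NET-Framework-Core, AD-Domain-Services)) {
        New-Object PSObject -Property @{
            Check  = "Feature $($f.Name)"
            Detail = $f.DisplayName
            Passed = $f.Installed
        }
    }
}

function Test-DcPromotion {
    # Win32_ComputerSystem.DomainRole is 4 or 5 on a domain controller.
    $role = (Get-WmiObject Win32_ComputerSystem).DomainRole
    New-Object PSObject -Property @{
        Check  = 'Machine is a domain controller'
        Detail = "DomainRole = $role"
        Passed = ($role -ge 4)
    }
    # The four services that stay stopped until dcpromo has completed (step 7).
    foreach ($name in 'NTDS', 'Netlogon', 'IsmServ', 'kdc') {
        $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
        New-Object PSObject -Property @{
            Check  = "Service $name running"
            Detail = $(if ($svc) { $svc.Status } else { 'not installed' })
            Passed = ($svc -and $svc.Status -eq 'Running')
        }
    }
}

# Before dcpromo only the prerequisite checks are expected to pass;
# after the final restart in step 19 every row should show Passed = True.
$results = @(Test-DcPrerequisites) + @(Test-DcPromotion)
$results | Select-Object Check, Passed, Detail | Format-Table -AutoSize
if ($results | Where-Object { -not $_.Passed }) { Write-Warning 'One or more checks failed.' }
```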
Feel free to post your comments and queries…:)