现在我们已经在虚拟机上安装了Windows Server 2003 ,使用(Windows Server 2003)SP2对其进行了修补,安装了防病毒软件并设置了DNS,现在是时候使用 dcpromo设置Active Directory 。
使用运行命令dcpromo设置Active Directory是一个简单的过程。首先,从您的 Windows 2003 Server桌面转到开始, (Start, )单击运行, (Run, )键入dcpromo并按Enter。
“欢迎使用 Active Directory 安装向导(Welcome to the Active Directory Installation Wizard)”应该出现:
单击下一步(Next)。在以下窗口中,您将收到有关与旧操作系统的可比性问题的警告。Windows Server 2003中(Windows Server 2003)改进(Improved)的安全设置会影响旧版本的 Windows,例如Windows 95和Windows NT 4.0 SP3及更早版本。
阅读并考虑后果后,单击“下一步”(Next)。在下一个屏幕上,您将获得两个选项。第一个选项询问您是否希望服务器成为新域的域控制器,或者是否希望服务器成为现有域的附加域控制器:
选择第一个选项并单击Next。在下一个窗口中,您将获得三个选项。第一个选项是在新林中设置域。如果它是您组织中的第一个域控制器,或者您希望它完全独立于任何林,请选择此选项。
选项二:现有域树中的子域(Option two: Child domain in an existing domain tree)。如果您希望域成为现有域的子域,请选择此选项。选项三:现有林中的域树(Option three: Domain tree in an existing forest)。如果您不想要上述任何一项,请选择此选项。
在我们的例子中,选择第一个选项,然后单击Next。在下一个屏幕上,我们需要输入新域的完整DNS名称:(DNS)
输入完整的DNS名称,例如 helpdeskgeek.com,然后单击Next。在下一个屏幕上,我们需要选择NETBIOS名称。这是早期版本的Windows将用于标识新域的名称。
选择名称,然后单击Next。在下一个屏幕上,您需要选择要存储数据库和日志文件的位置。为了获得最佳性能,请将它们存储在单独的磁盘上。
接下来,将出现“共享系统卷”(Shared System Volume)窗口。在这里,您需要选择要存储SYSVOL文件的位置。此文件夹包含域的公共文件,并被复制到域中的所有域控制器。
选择文件夹位置,然后单击Next。在下一个窗口中,将显示DNS注册诊断。在这里你很可能会得到“诊断失败”(Diagnostic failed”) ,它会给你三个选项。如果您已更正问题,第一个选项将允许您再次执行DNS诊断。
第二个选项将允许Active Directory向导为您安装和配置DNS,并将此DNS用作此服务器的主DNS 。如果您打算稍后更正问题,则第三个选项允许您绕过此窗口。
即使我们已经在这台服务器上安装了DNS,我们还没有配置它的任何服务,所以我们将选择在这台计算机上安装和配置 DNS 服务器的选项,并将这台计算机设置为使用这台 DNS 服务器作为其首选 DNS 服务器。 (Install and configure DNS server on this computer and set this computer to use this DNS server as its preferred DNS server. )
在下一个窗口中,您需要为用户和组对象选择所需的类型或权限。在这里,您将获得两个选项。如果您在 Windows 2000 之前的服务器上运行服务器程序,则应选择第一个选项。如果您只在域中运行Windows Server 2000和Windows Server 2003 ,请选择选项二。(Windows Server 2003)
在下一个窗口中,您需要输入目录服务恢复模式管理员密码(Directory services restore mode administrator password)。当您以目录服务还原模式启动计算机时,将使用此密码。此帐户不同于域管理员帐户。
输入您选择的密码,然后单击Next。接下来(Next),您将获得在Active Directory向导中选择的所有选项的摘要。请记住(Remember),域管理员帐户密码与当前本地管理员密码相同。
单击下一步(Click Next)。Active Directory安装应开始。
几分钟后,应安装 Active Directory。(er a few minutes, Active Directory should be installed.)
单击完成(Finish) 并重新启动服务器。Active Directory安装现在应该已完成。
Windows 2003 Active Directory Setup:dcpromo
Now that we have setup Windows Server 2003 on our virtual machine, patched it with SP2, installеd an anti-virus and setup DNS, it is now time to setup Active Directory using dcpromo.
Setting up Active Directory using the run command dcpromo is a straightforward procedure. To begin, from your Windows 2003 Server desktop, go to Start, click on Run, type dcpromo and hit Enter.
The “Welcome to the Active Directory Installation Wizard” should come up:
Click on Next. In the following window, you will get a warning about comparability issues with older operating systems. Improved security settings in Windows Server 2003 affect older versions of windows like Windows 95 and Windows NT 4.0 SP3 and earlier.
After reading and thinking about consequences, click Next. On the next screen, you will get two options. The first option asks you if you want the server to become a domain controller for a new domain or if you want the server to be an additional domain controller for for an existing domain:
Select the first option and click Next. On the next window, you will get three options. The first option is to setup the domain in a new forest. Select this option if it’s the first domain controller in your organization or if you want it to be totally independent from any forest.
Option two: Child domain in an existing domain tree. Select this option if you want the domain to be a child domain from an existing domain. Option three: Domain tree in an existing forest. If you don’t want any of the above, select this option.
In our case, choose the first option, and click Next. On the next screen, we need to type the full DNS name for the new domain:
Type the full DNS name like helpdeskgeek.com, and click on Next. On the next screen, we need to choose the NETBIOS name. This is the name earlier versions of Windows will be using to identify the new domain.
Choose the name, and click Next. On the next screen, you need to select the location of where you want to store the database and log files. For best performance, store them on separate disks.
Next, the Shared System Volume window will come up. Here, you need to choose the location of where you want to store the SYSVOL files. This folder contains the domain’s public files and are replicated to all the domain controllers in the domain.
Choose the folder location, and click Next. On the next window, the DNS registration diagnostic will show up. Here most likely you will get ” Diagnostic failed” and it will give you three options. The first option will allow you to perform the DNS diagnostic again, if you have corrected the problem.
The second option will allow the Active Directory wizard to install and configure DNS for you, and use this DNS as the primary DNS for this server. The third option allows you to bypass this window if you plan to correct the problem later on.
Even though we have already installed DNS on this server, we have not configure any of its services, so we will choose the option to Install and configure DNS server on this computer and set this computer to use this DNS server as its preferred DNS server.
On the next window, you need to choose what type or permissions you want for users and group objects. Here you will get two options. The first options should be selected if you run server programs on pre-Windows 2000 servers. Select option two if you only run Windows Server 2000 and Windows Server 2003 in your domain.
On the next window, you need to enter the Directory services restore mode administrator password. This password is used when you start the computer in directory services restore mode. This account is different from the domain administrator account.
Type your chosen password, and click Next. Next, you will get the summary of all the options you have chosen during the Active Directory wizard. Remember, the domain administrator account password is the same as the current local administrator password.
Click Next. The Active Directory installation should begin.
After a few minutes, Active Directory should be installed.
Click on Finish and restart the server. Active Directory installation should now be complete.
