
DOEACE Notes network tutorial


How to install Active Directory on Windows 2003

(Step By Step Guide for Windows Server 2003 Domain Controller and DNS Server Setup)

Before you start following this article, be aware that this is simply a lab setup; you need to assign IP addresses, hostnames and domain names that are relevant to your environment / organization.

I will be using the following:

Hostname = DC-LAB

IP address = 172.16.7.200

Subnet Mask = 255.255.0.0

Domain name = LAB.COM

Partition: NTFS ( 8 GB )

The virtual machine used was built with a default install of Windows 2003 R2 SP2 plus all MS critical updates available as of the date this article was written.

Step 1: Start Windows :)


Step 2:  Logon to Windows :)

Step 3: Go to the command prompt. Start > Run > cmd > click OK

Ensure the hostname is configured correctly. It can be changed at a later date, once the server has been made a DC, but I personally recommend NOT doing so; getting it right the first time is always recommended. Also ensure the IP address, subnet mask, default gateway (DG) and DNS have been set correctly according to your network IP addressing plan.

Oops, did I say "Plan"? Yes I did. Make sure you plan your AD / network before you get all excited and dive into installing your domain, or else get ready for some horrible nightmares.

I have come across all sorts of networks where so-called :) IT administrators have assigned public IP addresses on the LAN. This should only be done if the ISP has assigned a range to your office and the network design has a need for the same. Specifically, the networks I refer to have NOT been assigned any public IPs from their ISP and they have taken it upon themselves to use any numbers they liked :) & had all sorts of problems with their network or DNS lookups. Some are still stuck with these problems, as their networks have grown beyond control and become extremely complex, & simply to implement change management & rectify this mistake would cost them a lot more than they ever imagined.

So Plan! Plan! Plan! If unsure take some professional advice.
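A quick way to sanity-check an addressing plan before promoting the server, as an added example that is not part of the original guide: it takes the host address and mask from this article, while the gateway value, the choice to point DNS at the DC itself, and the function names are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 private ranges: IPv4 space usable on a LAN without an ISP assignment.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(addr):
    """True if addr is loopback or inside one of the RFC 1918 ranges."""
    return addr.is_loopback or any(addr in r for r in RFC1918)


def check_plan(host_ip, mask, gateway, dns_servers):
    """Return a list of problems in a static IPv4 plan (empty list = plan OK)."""
    problems = []
    iface = ipaddress.ip_interface(f"{host_ip}/{mask}")
    net = iface.network

    # The whole subnet, not just the host, must sit in private space.
    if not any(net.subnet_of(r) for r in RFC1918):
        problems.append(f"{net} is not RFC 1918 private address space")

    # A host cannot use the subnet's network or broadcast address.
    if iface.ip in (net.network_address, net.broadcast_address):
        problems.append(f"{iface.ip} is the network or broadcast address of {net}")

    # The default gateway has to be reachable on the local subnet.
    gw = ipaddress.ip_address(gateway)
    if gw not in net:
        problems.append(f"gateway {gw} is outside {net}")

    # Resolvers for an AD domain should be internal servers that hold the zone.
    for d in map(ipaddress.ip_address, dns_servers):
        if not is_private(d):
            problems.append(f"DNS server {d} is not an internal address")
    return problems


if __name__ == "__main__":
    # Host address and mask are the article's lab values; the gateway is a
    # constructed sample and DNS pointing at the DC itself is an assumption.
    print(check_plan("172.16.7.200", "255.255.0.0", "172.16.0.1",
                     ["172.16.7.200"]))
    # Constructed bad plan built from documentation-only addresses (RFC 5737).
    print(check_plan("198.51.100.10", "255.255.255.0", "198.51.100.1",
                     ["203.0.113.53"]))
```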

Step 4: Running DCPROMO.EXE

This can be done in two ways:

    a. Run the Manage Your Server Wizard (Start–>All Programs–>Administrative Tools–>Manage Your Server)

    b. Run dcpromo.exe from the Run menu (we will use this option).

Verify the following steps, then click on Next.

Select the Domain Controller option as the Server Role, then click on Next.

Review the Summary of Your Selections, then click on Next.

The Active Directory Installation Wizard starts; click on Next.

Step 5:  The DCPROMO Wizard.


1. If you have not read any notes or seem unclear and still have doubts click on "Active Directory Help" when you see the first window shown above.

2. If you are comfortable with the information you have in hand go to the next step.

3. Click next.


4. Select "Domain controller for a new domain".

5. Select "Domain in a new Forest"

6. Select "Install and configure DNS server on this computer"

Note: This will prompt you later on in the wizard to copy some files for DNS, so keep your Windows 2003 media in hand.

7. Enter your Active Directory domain name here and click next.

8. Accept the domain NETBIOS name. (NetBIOS names provide for down-level compatibility.)

9. Click next.

Note: If your AD has been planned and the growth factor has been taken into account, I would recommend planning these locations right from the beginning. Logs and database should be on a different partition. This will improve performance.


10. Click next.

11. Click next.

Here you need to select the permissions for Windows 2000 or Windows 2003 servers: if you have any NT4 systems, select the first option; otherwise select the second option and click next.

12. Type a password (record this password as part of your secure server documentation) and click next.

Note: This password does not need to be the same as your domain administrator password. To read more regarding this topic click on the "AD help link" on the same window.

13. View the Summary, then click next.

14. Once you click next you will see a series of tasks performed by the wizard and it will start preparing AD.

15. You will then be prompted for the Windows 2003 SP2 CD, as indicated in point 6 earlier in this article.

16. Insert the CD in your CD-ROM drive and click next. The wizard will start copying the required files for DNS and configure DNS on your behalf.

17. When the wizard completes successfully, click finish.

18. Click restart now.

Adding users to Active Directory

Preface:

As you know, if you try to add AD users using lusrmgr.msc you will receive the following error:


And since I cover creating a local user (lusr) I thought it would only be right to cover creating an Active Directory user.

Method:

Click Start, highlight "Administrative Tools" and select "Active Directory Users and Computers"


Now, expand your domain name on the left side, and go to the bottom where it says "Users".  Once you click on that, you will see all of the automatically created users, you will also see all of the users you made before you ran dcpromo - that's because they all stay through the promotion to DC.  Anyway, to add a user, you can either right click the "Users" folder on the left side, or the blank area on the right side, and highlight "New" then click "User"


In the next dialog we can set the user's First name, Last name and various other pieces of information, including their log-on name, and domain to which we want to add them


After clicking "Next" you are presented with the password-settings screen.  You can set the user's password and then have them change it on their first log-on by selecting "User must change password at next logon".  But in this tutorial, I will set it as their password, and not allow them to ever change it without asking me (the administrator) to change it for them


In the next dialog, we get a summary of the user to be created.  Click "Finish" and the user has been created


And we're finished!  Now, you might want to check out the tutorial on how to add a computer to Active Directory, that will help you get the full benefits of AD

Adding a computer to Active Directory

Preface:

Earlier, I showed you how to add users to your Active Directory domain.  This tutorial will focus on how to add computers.  This step is not "really" necessary for workstation computers - at least, I was able to add a Windows XP machine to my domain without adding the computer name first.  This section is really for looking at which computers join, and allowing other servers to join as DCs, etc.  I will show you how to add the computer using "Active Directory Users and Computers", then in other tutorials, I will demonstrate how to add a Windows 2000 computer and Windows XP computer to this domain.

Update:

Brian Desmond (Windows Server MVP) emailed me with the following information on why someone might want to add a computer to AD manually:

"By default a computer will get dumped in the Computers container, unless a Windows 2003 Native Mode Domain is in place, and redircomp has been run to change this. Precreating computer accounts in OUs will ensure that when the unit is joined, it is in the correct OU, which guarantees policy consistency, and other administrative things. One can also specify who can reset the machine’s password. This will allow an admin to create an account for a computer, and let a normal user join the machine with their credentials."

Method:

Click Start, highlight "Administrative Tools" and select "Active Directory Users and Computers"


Expand your domain name, and right-click "Computers", highlight "New" then click "Computer"


In this dialog we have to type the name of the computer we want to add


In the next dialog just click "Next", then you will see a final report of what will be added, and you can click "Finish".

Adding a Windows XP computer to a Windows Server 2003 domain

Preface:

This is basically the same procedure as the Windows 2000 tutorial.  Some things to note about adding a Windows XP computer to a domain are the following:

You need Windows XP Professional to join an XP computer to a domain.  Home can't be used fully for this.

You will lose the "fancy" log on screen and you will receive the "classic" log on screen instead.  This is for security and cannot be changed, unless you revert to workgroup mode.

You will lose the "Fast User Switching".  This cannot be restored, except by reverting back to workgroup mode.

Method:

Click Start, right click "My Computer" and click "Properties"


Go to the "Computer Name" tab and click "Change..."


Select the "Domain" radio button then put in your domain name, not including the . extension (in my example I used the domain "hello.test" but when joining the computer to a domain, I will only type "hello")


Press "OK".  Then you will be presented with a user name and password prompt.  Enter the user name and password of a Domain Administrator


Press "OK" and after a minute or two you will receive a message welcoming you to the domain.  Then you will receive a message telling you that a reboot is required, click "OK" to that, and the properties window.  Then click "Yes" when you are prompted to reboot.

And we're finished.  You have just learnt how to add a Windows XP computer to a Windows Server 2003 domain

Additive:

After the XP computer boots to Control-Alt-Delete you may need to change it from logging onto itself (which will use the local info) to logging onto the domain.  To do this, press Ctrl-Alt-Del, then the "Options >>>" button on the log on screen.  Then select the domain from the drop-down box

After that you can log on using domain credentials

Install and Configure DHCP Server in Win server 2003 Step By Step Guide

A DHCP Server assigns IP addresses to client computers. This is very often used in enterprise networks to reduce configuration efforts. All IP addresses of all computers are stored in a database that resides on a server machine.

Installing DHCP Server is very easy in win server 2003

First you need to go to Start–>All Programs–>Administrative Tools–>Manage Your Server


Here you need to select Add or remove a role

Verify the following steps, then click on Next.

Select the DHCP Server option as the Server Role, then click on Next.

Review the summary of your selections, then click on Next.

Installation of the DHCP Server is now in progress.

This will now bring up the new scope welcome screen; click next.

A scope is a collection of IP addresses for computers on a subnet that use DHCP. Enter the name and description of your scope and click next.

Now you need to define the range of addresses that the scope will distribute across the network and the subnet mask for the IP addresses. Enter the appropriate details and click next.

Enter the IP address range that you want to exclude and click on next.

Select the lease duration, which is how long a client can use an IP address assigned to it from this scope. It is recommended to use longer leases for a fixed network (in the office, for example) and shorter leases for remote connections or laptop computers. Click next.

You are given a choice of whether or not you wish to configure the DHCP options for the scope now or later. You can select the "Yes, I want to…" radio button and click next.

Enter the router, or gateway, IP address so that the client computers will know which router to use, then click next.

Enter the DNS and domain name settings. The DNS server IP address will be distributed by the DHCP server and given to the client. Click next.

If you have WINS set up, then here is where to enter the IP address of the WINS server. You can just input the server name into the appropriate box and press "Resolve" to allow it to find the IP address itself. Click next.

Choose to activate this scope now and click next.

The new scope installation is now finished; click finish.

The message that your server is now a DHCP server appears; click finish.

Configuring DHCP

Now you need to go to Start—>Administrative Tools—>DHCP

Right-click on your server, then click on Authorize your DHCP Server.

Authorization is completed; your DHCP server is now up and running.

DHCP servers permit you to reserve an IP address for a client. This means that the specific network client will have the same IP for as long as you want it to. To do this you will have to know the physical address (MAC) of each network card. Enter the reservation name, desired IP address, MAC address and description – choose whether you want to support DHCP or BOOTP and press add. The new reservation will be added to the list.

That's it. It is very easy to configure a DHCP server in Windows Server 2003. Now you can configure your Windows client PC to check whether your DHCP server is working.
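The scope range, exclusion range and reservations entered in the wizard have to agree with the addresses you configured by hand, such as the domain controller's. The following check is an added example, not part of the original guide: the DC address and subnet mask come from this article, while the scope range, exclusion range, MAC address and function names are constructed for illustration.

```python
import ipaddress


def _span(first, last):
    """Inclusive address range as a pair of integers."""
    lo, hi = int(ipaddress.ip_address(first)), int(ipaddress.ip_address(last))
    if lo > hi:
        raise ValueError(f"range {first}-{last} is reversed")
    return lo, hi


def audit_scope(network, scope, exclusions, static_hosts, reservations):
    """Return a list of findings for one DHCP scope (empty list = consistent).

    network       subnet the scope serves, e.g. "172.16.0.0/255.255.0.0"
    scope         (first, last) address the scope distributes
    exclusions    list of (first, last) ranges withheld from leasing
    static_hosts  {name: ip} for machines addressed by hand (DC, router, ...)
    reservations  {mac: ip} for clients that must always get the same address
    """
    net = ipaddress.ip_network(network)
    lo, hi = _span(*scope)
    findings = []

    if not all(ipaddress.ip_address(n) in net for n in (lo, hi)):
        findings.append(f"scope {scope[0]}-{scope[1]} is not inside {net}")

    excluded = []
    for first, last in exclusions:
        s, e = _span(first, last)
        if s < lo or e > hi:
            findings.append(f"exclusion {first}-{last} falls outside the scope")
        excluded.append((s, e))

    # A hand-configured address that the scope can still lease may be handed
    # to a client and then collide with the server already using it.
    for name, ip in static_hosts.items():
        n = int(ipaddress.ip_address(ip))
        if lo <= n <= hi and not any(s <= n <= e for s, e in excluded):
            findings.append(f"static host {name} ({ip}) is leasable; exclude it")

    owners = {ip: name for name, ip in static_hosts.items()}
    for mac, ip in reservations.items():
        if ipaddress.ip_address(ip) not in net:
            findings.append(f"reservation {mac} -> {ip} is outside {net}")
        if ip in owners:
            findings.append(f"reservation {mac} -> {ip} collides with {owners[ip]}")
        owners[ip] = f"reservation {mac}"
    return findings


if __name__ == "__main__":
    # Constructed scope on the article's 172.16.0.0/255.255.0.0 lab network.
    print(audit_scope("172.16.0.0/255.255.0.0", ("172.16.7.1", "172.16.7.254"),
                      [], {"DC-LAB": "172.16.7.200"}, {}))
```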


Install File and Printer Sharing

By default, a Windows Server 2003-based computer is installed with Client for Microsoft Networks, File and Printer Sharing for Microsoft Networks, and TCP/IP.

NOTE: You can view these services in the properties for the local area connection.

You can create a Windows Server 2003 file server and print server manually, or you can use the wizards that are provided in the Configure Your Server Wizard administrative tool.

How to Install a File Server on Windows Server 2003 by Using the Configure Your Server Wizard

1. Click Start, point to Administrative Tools, and then click Configure Your Server Wizard.

2. Click Next.

3. Click Next.

4. Click File server in the Server role box, and then click Next.

5. On the "File Server Disk Quotas" page, configure any quotas you need to control disk-space usage on the server, and then click Next.

6. On the "File Server Indexing Service" page, click the indexing configuration that is appropriate for your server, and then click Next.

7. Click Next.

8. Click Finish.

9. The Share a Folder Wizard starts. Click Next.

10. Click Browse, locate the folder that you want to share, and then click OK.

11. Click Next.

12. Type a share name for the folder, and then click Next.

13. Click one of the basic permissions for the folder, or click Customize to set custom permissions on the folder. Click Finish.

14. Click Close.

How to Manually Install a File Server on Windows Server 2003

1. Click Start, and then click Windows Explorer.

2. Locate the folder that you want to share.

3. Right-click the folder, and then click Sharing and Security.

4. Click Share this folder, and then accept the default name or type a different name for the share.

5. Optionally, configure the number of users who can connect, configure permissions for this folder, and then configure the caching options.

6. Click OK.

7. A little hand is displayed in the Windows Explorer window to indicate that the folder is being shared.

8. Quit Windows Explorer.

Install a Windows Server 2003 Print Server

How to Install a Print Server on Windows Server 2003 by Using the Configure Your Server Wizard

1. Click Start, point to Administrative Tools, and then click Configure Your Server Wizard.

2. Click Next.

3. Click Next.

4. Click Print server in the Server role box, and then click Next.

5. On the "Printers and Printer Drivers" page, click the types of Windows clients that your print server will support, and then click Next.

6. Click Next.

7. On the "Add Printer Wizard Welcome" page, click Next.

8. Click Local printer attached to this computer, click to clear the Automatically detect and install my Plug and Play printer check box, and then click Next.

9. Click the port for your printer, and then click Next.

10. Click the printer make and model or provide the drivers from the printer manufacturer media, and then click Next.

NOTE: If you are prompted to keep or not keep your existing printer driver, either keep the existing driver or replace the existing driver. If you replace the driver, you must provide the manufacturer driver for this printer. Click Next to continue.

11. Accept the default name of the printer or provide a different name, and then click Next.

12. Click the Share as option, type the share name, and then click Next.

NOTE: This step is optional because you can share the printer later.

13. You may provide the location of the printer and a comment to make it easier to locate. Click Next to continue.

14. Click the Print a test page option, click Next, and then click Finish to quit the Add Printer Wizard. Your printer appears in the Printers and Faxes folder.

How to Share a Printer

1. Click Start, and then click Printers and Faxes.

2. Right-click the printer that you just installed, and then click Sharing.

3. Click Share this printer, and then type a share name for the printer.

4. Optionally, click Additional Drivers, click the operating systems of the client computers that may attach to this printer, and then click OK. By adding drivers for these operating systems, users on client computers can connect to the print server and automatically download the appropriate drivers for this model of printer without having to configure anything.

5. When you are prompted to do so, insert the Windows Server 2003 CD-ROM.

6. Click OK to close the printer properties.

7. Close the Printers and Faxes folder.

How to Manually Install a Print Server on Windows Server 2003

1. Click Start, point to Settings, and then click Printers.

2. Double-click Add Printer to start the Add Printer Wizard.

3. To complete the Add Printer Wizard, repeat steps 7 through 14 in the "Install a Windows Server 2003 Print Server" section of this article.