CIST SMART PNC

MUST TRY FORM OUR BEST

UNTIL WE TRY SO WE CAN KNOW WHAT WE CAN DO

NO GAIN WITHOUT PAIN

CREATE TRUST DOMAIN

AND CREAE CHILD DOMAIN

CALSS: SNA2013A

SUBJETCT: NETWORK ADMIN

PASSERELLES NUMERIQUES CAMBODIA

· We create domain name the server (create child domain or tree root).

· The is we create domain in server2008

· Create domain name (pnc.org) in server 2008R

· First we into windows+R and type dcpromo

· For the first it just follow by default of system

· By follow above steps we will arrived this step

· This we create domain in a new forest

· It mean that is the big domain in the server (some time we can create many domain ,they are can forest can tree can ..)

· After we chose domain name and it will alter a picture conform that we chose pnc.org is

the domain of the server and chose NetBIOS name pnc.

· for this step it conform us we choose forest functional level of server.

· for this we choose windows server 2003 because we create trust domain with server2003.

· we must know if we want to create trust domain all server must the same functional level.

· If we forgot choose windows 2003 we can raise it to upper or lower

· This is the default of the system in windows

· Yes for this point it the default also we just put the password (new password for administrator)

· For this it just conform us that we create AD and has domain pnc forest functional level windows server2003 and domain functional level windows server2003 also.

· This is the process of configure and install domain in a AD.

· Now we finish of install AD and domain in a forest.

· After we finished install AD and domain we go to configure DNS.

· We type windows+R and type dsa.msc or start administrator and toolsDNS.

· We choose primary zone and finish option .

· This we choose To all DNS serverin this forest:(domain name).

· Zone name is up to us that we want but most we put follow DNS.

· For this we choose option second because we can accept any client and it security.

· We finish install new zone wizard.

· For this we add a new zone in Reverse lockup zones (new zone wizard).

· We choose primary zone and four choice.

· We choose To all DNS servers in forest: PNC.org.

·

· We choose IPV4 Reverse Lookup Zone.

· Why do we choose it because ipv4 support and ipv6 it doesn’t support .

· Now it this ip we put ip of server .

· We chose the second option because it can allow both other server or all domain control and child domain.

· Now we finished install of new zone for reverse lookup zones.

· After we create new zone of revers lookup zones we need to create new pointer .

· Just right click on revers lookup zones and choose new pointer.

· We need to put final ip and browse to find our domain controller.

· Some time we choose (allow any authenticated…..) and some time we don’t choose it.

· Ok now we finish reverse lookup zone.

· Reverse lookup zone for forward from ip to hostname

· For forward lookup zone for forward form hostname to ip.

· After we finish revers lookup zone and forward lookup zone

· Need to update group policy ty gpupdate / force

· Ty nslookup for know domain running or not .

· And we ping to each other if it running it will show like this.

· Ok for this point we going to create a child domain in other pc that child with domain server2008.

· New we create a domain in server2003 that put DNS name cist.org

· First we into windows+R and type dcpromo

· About two or three step first we just put follow the default of system in windows.

· We will arrived this point ,we need to choose domain controller for a domain.

· This point we can create new domain that it in other forest domain.

· So new we choose domain tree n an existing forest .

· We chose this because we need to create tree domain in other forest.

· After we chose below option we will go to this step

· For this step put the user(admin) ,password(admin) and domain name of other domain that we want to

Create tree domain with .

· Yes for this we choose domain name that we want to create in tree root domain.

· This domain we choose for own this DNS server.

· After we chose cist.org is the domain of server it will conform us that for netbios domain name.

· For netbios it default by system of windows , we can change it . But this we chose cist.

· It is the default of system. We just follow it .

· We choose the option second because it choose the domain that we installed (cist.org).

· For this point we permissions . For this point we need to know about functional level of

Server that we installed ( there are many functional and mix mode functional level).

· For this domain we chose functional level 2003.

· We put the password for new admin password

· All the time that we install domain system needs us change password.

· Ok we finish install domain controller for this pc and child domain tree root with server 2008.

· This point just conform ip hostname and update associated pointer(PRT)record.

· After we finished install domain name we need to create new zone in Forward lookup and revers forward lookup. But now we create forward lookup.

· We into our dns and right of forward lookup choose new zone.(dsa.msc).

· For this point we chose Primary zone and four option .

· For this point we choose To all domain controllers in the AD domain cist.org

· We chose this because we want all domain run in the same domain.

· And all domain can create tree root domain.

· For IP we put the ip for domain name in forest .

· Or we call put ip for new zone. We just put (172.16.1. ) and one more put latter.

· We chose the second option it support our domain.

· Yes it finish of install new zone in revers zone.

· Sometime when we install domain and after we configure DNS we need to create new zone in Forward lookup and create new zone in the revers lookup so DNS can run.

· But sometime we just install new zone in revers lookup it enough.

· after we created new zone in forward lookup and now we create new zone in revers lookup .

· Ok after we finished create new zone we need to create new pointer .

· New pointer can forward from ip to hostname.

· When we create new pointer it mean just this point

· We put ip of ip that chose for server and we browser to find our domain name .

· Some time we can’t find DNS name because we forgot create Forward lookup zone.

· Ok when we finished create new pointer we need to check our ip.

· For ip 172.16.1.2 is ip for domain in local pc. And subnet mark must the same rang.

· For ip 172.16.1.1 is the ip other pc or other domain’s ip that we want to child with .

· Yes after we created Forward lookup and revers lookup we go to conform domain name.

· We ping from ip to hostname and from hostname to ip

· Nslookup for know domain name run or not. Now it ok.

· After we finish above steps we need to check domain it trust or not

· For this point we just into by follow this steps

· If we create trust domain we need to configure but if we create child domain it doesn’t need configure

More it show all domain name.

· Just right click on domain and choose trust we will see like this if it child domain .

· But if it trust domain we need to create trust domain.

· Ok this the result of create child domain.

· Now we want to conform it success or not we create user in one domain ( in one server) and we

Take one pc (xp 7 or…)join domain with other server.

· For this point we create user in server2003 and take pc to join domain in server 2008.

· Now we create UO.

· This is the result of create OU that OU name ou. OU can contain users.

· Now we create user one that name tyty2003 in server 2003 domain cist.org

· This point we put password for user .

· It has many option to choose for password.

· Result of created user .

· Now we take windows7 to join domain with server2008 . we can join with server2003 if we want but this point we join it with server2008.

· Right click on my computer and choose computer name into change

· Kandal-PC is the name of our pc.

· In domain we put domain server2008(pnc.org).

· It is the system conform of join domain

· For this password and user admin and domain of server.

· Ok we take user in server2003 log in to pc that joined domain with server2008.

· Why it show log on to cist.org because we logged two time so it show domain.

· Yes it is ok of child domain or trust domain.

· If domain trust or child domain it must be user in domain first cab log into domain second and can share resource

To each other .

· Create domain or child domain for protect when one server down other server can support process of network.

· We just know that when it can’t trust or child we conform

+ Time

+Ip address

+ ID number of pc (if we clone from original and make them trust or child it can’t because ID pc the same)

Thank try from your best!!!!.

THE MORE YOU LEARN THE MORE YOU KNOW