Beruflich Dokumente
Kultur Dokumente
Windows 2003
(Step By Step Guide for Windows Server 2003 Domain
Controller and DNS Server Setup)
Before you start following this article you must be aware this is simply a lab setup and
you need to assign relevant ip address, hostnames & domain names which are relevant to
your environment / organization.
I will be using the following:
Hostname=DC-LAB
IP address=172.16.7.200
Subnet Mask=255.255.0.0
Domain name=LAB.COM
Partition: NTFS ( 8 GB )
The Virtual machine used has been installed as of date when this article was written with
a default install of Windows 2003 R2 SP2 + all MS critical updates.
Step 1: Start Windows :)
Step 3: Go to the command prompt. start > run > cmd > click ok
Ensure the hostname is configured correctly. This can be changed at a later date once it
has been made a DC but I personally recommend NOT doing so. Get it right the first time
is always recommended. The ip address, subnet mask, DG & DNS has been set correctly
according to your network ip addressing plan.
Oops did I say "Plan" Yes I did, make sure you plan your AD / Network before you get
all excited and dive into installing your domain or else get ready for some horrible
nightmares.
I have come across all sorts of networks where so called :) IT administrators have
assigned public ip address on the LAN. This should only be done if the ISP has assigned
a range to your office and the network design has a need for the same. Specifically the
networks I refer to have NOT been assigned any public ip's from there ISP and they have
taken it upon themselves to use any numbers they liked :) & had all sorts of problems
with there network or dns lookups. Some are still stuck with these problems as there
networks have grown beyond control and extremely complex & simply to implement a
change management & rectify this mistake would cost them a lot more than they ever
imagined.
So Plan! Plan! Plan! If unsure take some professional advice.
b. Run dcpromo.exe from the run menu. ( we will use this option.)
1. If you have not read any notes or seem unclear and still have doubts click on "Active
Directory Help" when you see the first window shown above.
2. If you are comfortable with the information you have in hand go to the next step.
3. Click next.
9. Click next.
Note: If your AD has been planned and the growth factor has been taken into account I
would recommend to plan these locations right from the begining. Logs and database
should be on a different partition. This will improve performance.
Here you need to select the permissions for win 2000 or win 2003 server if you have any
NT4 select first option otherwise select second option and click next
12. Type a password (record this password part of your secure server documentation)
click next.
Note: This password does not need to be the same as your domain administrator
password. To read more regarding this topic click on the "AD help link" on the same
window.
14. Once you click next you will see a series of task performed by the wizard and it will
15. You than be prompted for Windows 2003 SP2 cd as indicated in point 6 earlier in this
article.
16. Insert the cd in your cd rom drive click next. The wizard will start copying the
required files for DNS and configured DNS on your behalf.
And since I cover creating a local user (lusr) I thought it would only be right to cover
creating an Active Directory user.
Method:
Click Start, highlight "Administrative Tools" and select "Active Directory Users and
Computers"
Now, expand your domain name on the left side, and go to the bottom where it says
"Users". Once you click on that, you will see all of the automatically created users, you
will also see all of the users you made before you ran dcpromo - that's because they all
stay through the promotion to DC. Anyway, to add a user, you can either right click the
"Users" folder on the left side, or the blank area on the right side, and highlight "New"
then click "User"
In the next dialog we can set the user's First name, Last name and various other pieces of
information, including their log-on name, and domain to which we want to add them
After clicking "Next" you are presented with the password-settings screen. You can set
the user's password and then have them change it on their first log-on by selecting "User
must change password at next logon". But in this tutorial, I will set it as their password,
and not allow them to ever change it without asking me (the administrator) to change it
for them
In the next dialog, we get a summary of the user to be created. Click "Finish" and the
user has been created
And we're finished! Now, you might want to check out the tutorial on how to add a
computer to Active Directory, that will help you get the full benefits of AD
Update:
Brian Desmond (Windows Server MVP) emailed me with the following information on
why someone might want to add a computer to AD manually:
"By default a computer will get dumped in the Computers container, unless a Windows
2003 Native Mode Domain is inplace, and redircomp has been run to change this.
Precreating computer accounts in OUs will ensure that when the unit is joined, it is in the
correct OU, which guarantees policy consistency, and other administrative things. One
can also specify who can reset the machines password. This will allow an admin to
create an account for a computer, and let a normal user join the machine with their
credentials."
Method:
Click Start, highlight "Administrative Tools" and select "Active Directory Users and
Computers"
Expand your domain name, and right-click "Computers", highlight "New" then click
"Computer"
In this dialog we have to type the name of the computer we want to add
In the next dialog just click "Next", then you will see a final report of what will be added,
and you can click "Finish".
Method:
Click Start, right click "My Computer" and click "Properties"
Select the "Domain" radio button then put in your domain name, not including the .
extension (in my example I used the domain "hello.test" but when joining the computer
to a domain, I will only type "hello")
Press "OK". Then you will be presented with a user name and password prompt. Enter
the user name and password of a Domain Administrator
Press "OK" and after a minute or two you will receive a message welcoming you to the
domain. Then you will receive a message telling you that a reboot is required, click
"OK" to that, and the properties window. Then click "Yes" when you are prompted to
reboot.
And we're finished. You have just learnt how to add a Windows XP computer to a
Windows Server 2003 domain
Additive:
After the XP computer boots to Control-Alt-Delete you may need to change it from
logging onto itself (which will use the local info) to logging onto the domain. To do this,
press Ctrl-Alt-Del, then the "Options >>>" button on the log on screen. Then select the
domain from the drop-down box
Now this will prompt new scope welcome scree click next
Now you need to define the range of addresses that the scope will distribute across the
network,the subnet mask for the IP address . Enter the appropriate details and click next.
Enter the IP address range that you want to exclude and click on next
Select lease duration how long a client can use an IP address assigned to it from this
scope. It is recommended to add longer leases for a fixed network (in the office for
example) and shorter leases for remote connections or laptop computers and click next
You are given a choice of whether or not you wish to configure the DHCP options for the
scope now or later.You can select Yes,I want to radion button and click next
Enter the router, or gateway, IP address click next. The client computers will then know
which router to use and click next
Enter the DNS and domain name settings can be entered. The DNS server IP address will
be distributed by the DHCP server and given to the client click next
If you have WINS setup then here is where to enter the IP Address of the WINS server.
You can just input the server name into the appropriate box and press Resolve to allow it
to find the IP address itself click next
Now you need to activate this scope now and click next
DHCP Server new scope installation was finished and click finish
Now your server is now a DHCP server message and click finish
Configuring DHCP
Now you need to go to Start>Administrative Tools>DHCP
DHCP servers permit you to reserve an IP address for a client. This means that the
specific network client will have the same IP for as long as you wanted it to. To do this
you will have to know the physical address (MAC) of each network card. Enter the
reservation name, desired IP address, MAC address and description choose whether you
want to support DHCP or BOOTP and press add. The new reservation will be added to
the list.
Thats it it is very easy to configure DHCP server in win server 2003 now you can
configure your windows client pc to check your dhcp server is working or not.
Click Start, point to Administrative Tools, and then click Configure Your
Server Wizard.
2. Click Next.
3. Click Next.
4. Click File server in the Server role box, and then click Next.
5. On the "File Server Disk Quotas" page, configure any quotas you need to control
disk-space usage on the server, and then click Next.
6. On the "File Server Indexing Service" page, click the indexing configuration that
is appropriate for your server, and then click Next.
7. Click Next.
8. Click Finish.
9. The Share a Folder Wizard starts. Click Next.
10. Click Browse, locate the folder that you want to share, and then click OK.
11. Click Next.
12. Type a share name for the folder, and then click Next.
13. Click one of the basic permissions for the folder, or click Customize to set
custom permissions on the folder. Click Finish.
14. Click Close.
7. A little hand is displayed in the Windows Explorer window to indicate that the
folder is being shared.
8. Quit Windows Explorer.
Click Start, point to Administrative Tools, and then click Configure Your
Server Wizard.
2. Click Next.
3. Click Next.
4. Click Print server in the Server role box, and then click Next.
5. On the "Printers and Printer Drivers" page, click the types of Windows clients that
your print server will support, and then click Next.
6. Click Next.
7. On the "Add Printer Wizard Welcome" page, click Next.
8. Click Local printer attached to this computer, click to clear the Automatically
detect and install my Plug and Play printer check box, and then click Next.
9. Click the port for your printer, and then click Next.
10. Click the printer make and model or provide the drivers from the printer
manufacturer media, and then click Next.
NOTE: If you are prompted to keep or not keep your existing printer driver,
either keep the existing driver or replace the existing driver. If you replace the
driver, you must provide the manufacturer driver for this printer. Click Next to
continue.
11. Accept the default name of the printer or provide a different name, and then click
Next.
12. Click the Share as option, type the share name, and then click Next.
NOTE: This step is optional because you can share the printer later.
13. You may provide the location of the printer and a comment to make it easier to
locate. Click Next to continue.
14. Click the Print a test page option, click Next, and then click Finish to quit the
Add Printer Wizard. Your printer appears in the Printers and Faxes folder.
3. Click Share this printer, and then type a share name for the printer.
4. Optionally, click Additional Drivers, click the operating systems of the client
computers that may attach to this printer, and then click OK. By adding drivers
for these operating systems, users on client computers can connect to the print
server and automatically download the appropriate drivers for this model of
printer without having to configure anything.
5. When you are prompted to do so, insert the Windows Server 2003 CD-ROM.
6. Click OK to close the printer properties.
7. Close the Printers and Faxes folder.