Forests

A forest is one or more trees connected at the tree roots by a Kerberos bidirectional
transitive trust. As with a tree, this now means that every single domain in a forest trusts
every other domain in the forest, even those domains in other trees. Why would you
need more than one tree in the first place? Remember, a tree is a contiguous
namespace. If you needed a separate namespace, maybe you wanted a domain to be
named savtech.org, you could not place this into the existing savilltech.net tree. Instead,
when you created this new domain you would specify that you wanted to join an existing
forest and give the name of the existing tree. For example, you would give the name
savilltech.net, and as with domains in a tree, a trust between the two tree roots would
be created as shown in Figure 10-26. 654 Chapter 10 Active Directory Domain Services

The phrase “domain and forest functionality” refers to the scope of Active Directory
features you have available in your enterprise

The Dynamic Host Configuration Protocol (DHCP)

The Dynamic Host Configuration Protocol (DHCP) is responsible for allocating IP

addresses to machines on the network. Not every machine should have a dynamically
allocated IP address, however. Any server that is accessed consistently by clients and
that would be hampered if its IP address changed should have a static IP address

After DHCP is running on a network, configure clients to obtain IP addresses via DHCP
and they automatically request an IP address upon startup.

Installing and Performing DHCP Initial Configuration

1. Select the Add Roles link within the Roles section of the tool (either ICT or Server
Manager), as shown in Figure 1
FIGURE1. The Add Roles option is also available via the ICT environment.
2. The Add Roles wizard is displayed and gives warnings that you should ensure
the Administrator has a strong password, a static IP address, and the latest
updates. Click Next
3. A list of all roles is displayed. Select DHCP Server and click Next
4. The wizard now guides you through the basic configuration of DHCP with seven
steps. Click Next.
FIGURE 2 The role-based method is far more attractive than the old style Add/Remove
Windows Components in previous versions.

5. The first step is determining which network connections are bound for the DHCP
server. All connections with a static IP address are listed. Confirm that the
bindings are correct and click Next.
6. The DNS information that is given to clients, including the DNS domain of the
client parent, the primary DNS server, and the secondary DNS server (if
available), is configured. Click Next . This configuration is set at the global level
and so applies to all scopes created on the DHCP server.
FIGURE 4 Selecting the network connections with which the DHCP server provides
service.
FIGURE 5 Configuring the DNS domain and servers for the DHCP server.

7. The next screen configures WINS (if required). If any of your applications still use
NetBIOS names, configure the WINS servers. Click Next.
8. DHCP scopes can be configured by clicking the Add button, which opens up the
scope properties. Configure the name, its default gateway, subnet mask, and
starting and ending IP address. You can also select the type of subnet (see
Figure 7-8). If it’s wireless, this generally assumes devices are connected for less
time and so have a lease of only eight hours. Wired devices are normally more
permanent fixtures in the environment and therefore have a lease of six days.
Check the Activate the Scope option and click OK. Click Next after scopes have
been defined.

FIGURE 5 Configuring scope options.

9. The option to enable DHCPv6 protocol on the server is displayed. It is set to Yes,
so click Next. If you are not using IPv6, disable this setting for now. You can
enable it in the future.
10. The DNS settings for IPv6 DNS must be configured if you selected to enable
DHCPv6. After the configuration is done, click Next.
 11. Finally, the DHCP server must be authorized with the current credentials or an
alternate set of credentials. You can also decide to skip the authorization. Make
a choice and click Next (see

FIGURE 6. Selecting credentials for authorizing a DHCP server.

12. A summary of the configuration is displayed, which can be output to an HTML file
and opened in Internet Explorer Click Install to start the DHCP installation. After
the install is complete, a summary is displayed. Click Close.

FIGURE 7 DHCP server role installation progress display