Active Directory® Domain Services (AD DS) controls the core security of the Windows® network environment. The directory service is responsible for authenticating user and computer accounts within the AD DS infrastructure. In addition, the directory service provides a mechanism for centralized, delegated administration of resources within the forest. To develop and implement a successful design of AD DS, numerous questions must be answered and many decisions and strategies must be determined. Considerations for performance, security, manageability, scalability, and many other criteria must be addressed if the design is to be successful. . The purpose of this guide is to assist designers in the decisionmaking process by providing a clear and concise path for designing the AD DS infrastructure, given the relative context. This guide relies on best practices and real-world experience to offer considerations and alternatives at each point in the design. This guide, when used in conjunction with product documentation, will help companies confidently plan an AD DS implementation. The appendix includes a sample job aid for recording the decisions made during the design process.
AD DS features includes:
Centralized Directory Single Sign-on access Integrated Security Scalability Common Management Console
Step 1: CREATE A DOMAIN CONTROLLER IN THE WOODGROVE HEADQUARTER, LOS ANGELES
Task 1: Start the server NYC-DC1 in Los Angeles
1. Start the server NYC-DC1 and log on as Administrator with the password Pa$$w0rd. 2. Click Start, Click Run and in run dialog box, type dcpromo.exe. 3. In the Welcome to Active Directory Installation Wizard, click Next. 4. In the Operating System Compatibility Window, Click Next. 5. In the Domain Controller Type wizard, ensure that Domain Controller for a New Domain is selected. Click Next. 6. In the Create New Domain Wizard, click the Domain in a new Forest and click Next. 7. In the New Domain Name wizard, in the Full DNS Name for New Domain text box, type Woodgrovebank.com and then click Next. 8. Leave the default Domain NetBIOS Name and click Next. 9. In the Database and Log Folders Window, leave the default and click Next. 10. In the Shared System Volume, leave the default folder location and click Next. 11. In the DNS Registration Diagnostics window, ensure that Install and Configure the DNS server on this computer, and set this computer to use this DNS server as its preferred DNS server is selected, and then click Next. 12. Type the password Pa$$w0rd in the Restore Mode Password text box and confirm Password text box and click Next. 13. In the Summary Window, click Next. 14. An Active Directory Installation Wizard will open showing the installation of Active Directory Domain Services. 15. After the completion of Active Directory, click Finish.
16. The system will prompt for the system restart, click Restart Now, then the system will reboot.
Step 2: INSTALL AND CONFIGURE DNS SERVER
1. Click Start, click Administrative Tools and then click Server Manager. 2. In the Server Manager Window, Click Roles and in the Menu Pane, click Add Roles. 3. Click Next in the Before you Begin Page. 4. In the Server Roles page, click the DNS Server check box and click Next. 5. Click Next in the DNS Server Page. 6. Click Install in the Confirm Installation Selections. This will install the DNS Server in the server. 7. Click Close in the Installation Results wizard.
Step 3: INSTALL AND CONFIGURE DHCP SERVER
1. On NYC-DC1, open Server Manager, Right-click Roles, and then click Add Roles. 2. On the Before you Begin page, click Next. 3. On the Select Server Roles page, select the DHCP Server and Network Policy and Access Services check boxes, and then click Next twice. 4. On the Select Role Services page, select the Network Policy Server check box, and then click Next twice. 5. On the Select Network Connection Bindings page, verify that 10.10.0.10 is selected. 6. On the Specify DNS Server Settings page, verify that woodgrovebank.com is listed under Parent domain. 7. Type 10.10.0.10 under Preferred DNS server IP address, and click Validate. Verify that the result returned is Valid, and then click Next. 8. On the Specify WINS Server Settings page, accept the default setting of WINS is not required for application in this network, and then click Next 9. On the Add or Edit DHCP Scopes page, click Add. 10. In the Add Scope dialog box, type Scope next to Scope Name. Next to Starting IP Address, type 10.10.0.50; next to Ending IP Address, type 10.10.0.199; and next to Subnet Mask, type 255.255.0.0. 11. Select the Activate this scope check box, and then click OK, and then click Next.
12. On the Configure DHCPv6 Stateless Mode page, select Disable DHCPv6 stateless mode for this server, and then click Next. 13. On the Authorize DHCP Server page, select Use current credentials. Verify that Woodgrovebank\administrator is displayed next to Username, and then click Next. 14. On the Confirm Installation Selections page, click Install. 15. Verify the installation was successful, and then click Close. 16. Close the Server Manager window.