Building a Windows Server 2016 Domain Controller

  Microsoft Windows Server 2016

Main Menu

  • What is a Windows Domain and Domain Controller
  • Adding the Active Directory Domain Services Role

 

What is a Windows Domain and Domain Controller?

12: https://www.udemy.com/windows-server-2016/learn/v4/t/lecture/5836884?start=15

Windows Domains

  • Domains have been around since Windows NT (1993)
  • Allows administrators to manage large computer networks
  • Generally contain a large number of computers on the same network.

Windows Domain Controller

  • Often referred to as a “DC”
  • Any server with AD DS role (Active Directory Domain Services)
  • Responds to security authentication requests
  • Contains Active Directory & Group Policy
  • Can have several DC in a domain, but only one Primary
    • Fault tolerance
    • Critical data is replicated between the DCs
  • Directory Service called “Active Directory Users and Computers”
    • “Active Directory” and “Active Directory Users and Computers” are the same thing.
    • User Accounts (Usernames and passwords)
    • Computers
  • Also acts as a directory service for resources on your network
    • Printers
    • File Shares
    • When looking for a new Printer to install, all should be located within Active Directory

DC – Active Directory

  • Contains objects (All considered AD Objects)
    • Users
    • Computers
    • Printers
    • File Shares
    • Groups
  • Group Objects
    • Contain Members which can be ANY AD Object.
    • Default Groups
      • Domain Admins
      • Domain Users
      • Many more
  • Organizational Units (OUs)
    • Are used to group objects

DC – Group Policy Management

  • Used to manage all domain user and computer setting remotely
  • Uses Group Policy Objects (GPOs) to mange client settings
  • Target specific users, computers, groups or OUs.
  • Configure Desktop backgrounds
  • Manage what websites can be visited
  • Manage and configure security settings.

Conclusion

  • A Windows Domain allows manaement of large computer networks
  • Use at least ONE Windows server called a DC (Domain Controller)
    • A DC is any server with the AD DS role (Active Directory Domain Services)
  • DCs respond to authentication requests across the domain
  • DCs have the tools AD (Active Directory) and GP (Group Policy)
  • AD contains Objects and OUs (Organizational Units)
  • GP contains GPOs (Group Policy Objects) that manage AD objects

 

Adding the Active Directory Domain Services Role

13: https://www.udemy.com/windows-server-2016/learn/v4/t/lecture/5836888?start=0

Any server running the AD DS role is considered a Domain Controller

  • Server Manager > Manage > Add Roles and Features
  • Before you Begin
    • [Next >]
  • Select Installation Type
    • Role-based or feature-based installation
    • [Next >]
  • Select destination server
    • (*) Select a server from the server pool
    • Server Pool > Select your server
    • [Next >]
  • Select server roles
    • Roles > [X] Active Directory Domain Services
    • Add features that are required for Active Directory Domain Services?
      • [X] Include management tools (if applicable)
      • [Add Features]
    • [Next >]
  • Select features
    • [Next >]
  • Active Directory Domain Services
    • [Next >]
  • Confirm installation selections
    • [(Optional)] Restart the destination server automatically if required
    • [Install]
    • This took about 1 minute on AWS t2-micro
  • Click the Notification Flag /!\ on the top menu bar
    • Click ‘Promote this server to a domain controller’
  • Deploy Configuration
    • Select the deployment operation
      • (*) Add a new forest
    • Root domain name: domain.com
    • [Next >]
  • Domain Controller Options
    • Specify domain controller capabilities
      • [X] Domain Name System (DNS) server
      • [X] Global Catalog (Required for Primary DC)
      • [ ] Read only domain controller (RODC)
    • Password:
      • Used for maintenance and troubleshooting
    • [Next >]
  • DNS Options
    • Notice: A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found…
    • [Next >]
  • Additional Options
    • NetBIOS name: Leave default
      • Short name of domain.  Legacy?
  • Paths
    • Leave all defaults.
    • [Next >]
  • Review Options
    • [View Script] to see Powershell script to setup everything we just did with the wizard.
    • [Next >]
  • Prerequisite Check
    • Validates that the system is ready.  Some notices are expected.
    • All prerequisite checks passed successfully. Click ‘Install’ to begin installation. > [Install]
      • if this does not display after a few minutes, fix the errors and click “Rerun prerequisites check” link to re-run the validation.

Downloading Windows 10

14: Lame

Installing Windows 10

15: https://www.udemy.com/windows-server-2016/learn/v4/t/lecture/6065548?start=0

Installing-Windows-10-Handout

Joining our Workstation to our Domain

16: https://www.udemy.com/windows-server-2016/learn/v4/t/lecture/6065552?start=0

This was almost too easy.

  • Set the dns for the IPv4 to the IP of the Domain Controller
  • When changing the name of the server, you can select the domain to join.  Enter the FQDN
  • Enter the Administrator’s username and password of the DC to join the domain.
    • This is done to confirm the computer is allowed to join the domain.

 

 

LEAVE A COMMENT