{"id":1354,"date":"2018-04-18T22:45:07","date_gmt":"2018-04-18T22:45:07","guid":{"rendered":"http:\/\/wiki.thomasandsofia.com\/?p=1354"},"modified":"2018-04-20T02:25:21","modified_gmt":"2018-04-20T02:25:21","slug":"building-a-windows-server-2016-domain-controller","status":"publish","type":"post","link":"https:\/\/wiki.thomasandsofia.com\/?p=1354","title":{"rendered":"Building a Windows Server 2016 Domain Controller"},"content":{"rendered":"<p><a href=\"http:\/\/wiki.thomasandsofia.com\/2018\/04\/18\/microsoft-windows-server-2016\/\">Main Menu<\/a><\/p>\n<ul>\n<li>What is a Windows Domain and Domain Controller<\/li>\n<li>Adding the Active Directory Domain Services Role<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h1>What is a Windows Domain and Domain Controller?<\/h1>\n<p>12: <a href=\"https:\/\/www.udemy.com\/windows-server-2016\/learn\/v4\/t\/lecture\/5836884?start=15\" target=\"_blank\" rel=\"noopener\">https:\/\/www.udemy.com\/windows-server-2016\/learn\/v4\/t\/lecture\/5836884?start=15<\/a><\/p>\n<h2>Windows Domains<\/h2>\n<ul>\n<li>Domains have been around since Windows NT (1993)<\/li>\n<li>Allows administrators to manage large computer networks<\/li>\n<li>Generally contain a large number of computers on the same network.<\/li>\n<\/ul>\n<h2>Windows Domain Controller<\/h2>\n<ul>\n<li>Often referred to as a &#8220;DC&#8221;<\/li>\n<li>Any server with AD DS role (Active Directory Domain Services)<\/li>\n<li>Responds to security authentication requests<\/li>\n<li>Contains Active Directory &amp; Group Policy<\/li>\n<li>Can have several DC in a domain, but only one Primary\n<ul>\n<li>Fault tolerance<\/li>\n<li>Critical data is replicated between the DCs<\/li>\n<\/ul>\n<\/li>\n<li>Directory Service called &#8220;Active Directory Users and Computers&#8221;\n<ul>\n<li>&#8220;Active Directory&#8221; and &#8220;Active Directory Users and Computers&#8221; are the same thing.<\/li>\n<li>User Accounts (Usernames and passwords)<\/li>\n<li>Computers<\/li>\n<\/ul>\n<\/li>\n<li>Also acts as a directory service for resources on your network\n<ul>\n<li>Printers<\/li>\n<li>File Shares<\/li>\n<li>When looking for a new Printer to install, all should be located within Active Directory<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>DC &#8211; Active Directory<\/h2>\n<ul>\n<li>Contains objects (All considered AD Objects)\n<ul>\n<li>Users<\/li>\n<li>Computers<\/li>\n<li>Printers<\/li>\n<li>File Shares<\/li>\n<li>Groups<\/li>\n<\/ul>\n<\/li>\n<li>Group Objects\n<ul>\n<li>Contain Members which can be ANY AD Object.<\/li>\n<li>Default Groups\n<ul>\n<li>Domain Admins<\/li>\n<li>Domain Users<\/li>\n<li>Many more<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>Organizational Units (OUs)\n<ul>\n<li>Are used to group objects<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>DC &#8211; Group Policy Management<\/h2>\n<p><a href=\"http:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2018\/04\/a.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-1357\" src=\"http:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2018\/04\/a.png\" alt=\"\" width=\"668\" height=\"519\" srcset=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2018\/04\/a.png 668w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2018\/04\/a-300x233.png 300w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2018\/04\/a-150x117.png 150w\" sizes=\"auto, (max-width: 668px) 100vw, 668px\" \/><\/a><\/p>\n<ul>\n<li>Used to manage all domain user and computer setting remotely<\/li>\n<li>Uses Group Policy Objects (GPOs) to mange client settings<\/li>\n<li>Target specific users, computers, groups or OUs.<\/li>\n<li>Configure Desktop backgrounds<\/li>\n<li>Manage what websites can be visited<\/li>\n<li>Manage and configure security settings.<\/li>\n<\/ul>\n<h2>Conclusion<\/h2>\n<ul>\n<li>A Windows Domain allows manaement of large computer networks<\/li>\n<li>Use at least ONE Windows server called a DC (Domain Controller)\n<ul>\n<li>A DC is any server with the AD DS role (Active Directory Domain Services)<\/li>\n<\/ul>\n<\/li>\n<li>DCs respond to authentication requests across the domain<\/li>\n<li>DCs have the tools AD (Active Directory) and GP (Group Policy)<\/li>\n<li>AD contains Objects and OUs (Organizational Units)<\/li>\n<li>GP contains GPOs (Group Policy Objects) that manage AD objects<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h1>Adding the Active Directory Domain Services Role<\/h1>\n<p>13: <a href=\"https:\/\/www.udemy.com\/windows-server-2016\/learn\/v4\/t\/lecture\/5836888?start=0\" target=\"_blank\" rel=\"noopener\">https:\/\/www.udemy.com\/windows-server-2016\/learn\/v4\/t\/lecture\/5836888?start=0<\/a><\/p>\n<p>Any server running the AD DS role is considered a Domain Controller<\/p>\n<ul>\n<li>Server Manager &gt; Manage &gt; Add Roles and Features<\/li>\n<li>Before you Begin\n<ul>\n<li>[Next &gt;]<\/li>\n<\/ul>\n<\/li>\n<li>Select Installation Type\n<ul>\n<li>Role-based or feature-based installation<\/li>\n<li>[Next &gt;]<\/li>\n<\/ul>\n<\/li>\n<li>Select destination server\n<ul>\n<li>(*) Select a server from the server pool<\/li>\n<li>Server Pool &gt; Select your server<\/li>\n<li>[Next &gt;]<\/li>\n<\/ul>\n<\/li>\n<li>Select server roles\n<ul>\n<li>Roles &gt; [X] Active Directory Domain Services<\/li>\n<li>Add features that are required for Active Directory Domain Services?\n<ul>\n<li>[X] Include management tools (if applicable)<\/li>\n<li>[Add Features]<\/li>\n<\/ul>\n<\/li>\n<li>[Next &gt;]<\/li>\n<\/ul>\n<\/li>\n<li>Select features\n<ul>\n<li>[Next &gt;]<\/li>\n<\/ul>\n<\/li>\n<li>Active Directory Domain Services\n<ul>\n<li>[Next &gt;]<\/li>\n<\/ul>\n<\/li>\n<li>Confirm installation selections\n<ul>\n<li>[(Optional)] Restart the destination server automatically if required<\/li>\n<li>[Install]<\/li>\n<li>This took about 1 minute on AWS t2-micro<\/li>\n<\/ul>\n<\/li>\n<li>Click the Notification Flag \/!\\ on the top menu bar\n<ul>\n<li>Click &#8216;Promote this server to a domain controller&#8217;<\/li>\n<\/ul>\n<\/li>\n<li>Deploy Configuration\n<ul>\n<li>Select the deployment operation\n<ul>\n<li>(*) Add a new forest<\/li>\n<\/ul>\n<\/li>\n<li>Root domain name: domain.com<\/li>\n<li>[Next &gt;]<\/li>\n<\/ul>\n<\/li>\n<li>Domain Controller Options\n<ul>\n<li>Specify domain controller capabilities\n<ul>\n<li>[X] Domain Name System (DNS) server<\/li>\n<li>[X] Global Catalog (Required for Primary DC)<\/li>\n<li>[ ] Read only domain controller (RODC)<\/li>\n<\/ul>\n<\/li>\n<li>Password:\n<ul>\n<li>Used for maintenance and troubleshooting<\/li>\n<\/ul>\n<\/li>\n<li>[Next &gt;]<\/li>\n<\/ul>\n<\/li>\n<li>DNS Options\n<ul>\n<li>Notice: A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found&#8230;<\/li>\n<li>[Next &gt;]<\/li>\n<\/ul>\n<\/li>\n<li>Additional Options\n<ul>\n<li>NetBIOS name: Leave default\n<ul>\n<li>Short name of domain.\u00a0 Legacy?<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>Paths\n<ul>\n<li>Leave all defaults.<\/li>\n<li>[Next &gt;]<\/li>\n<\/ul>\n<\/li>\n<li>Review Options\n<ul>\n<li>[View Script] to see Powershell script to setup everything we just did with the wizard.<\/li>\n<li>[Next &gt;]<\/li>\n<\/ul>\n<\/li>\n<li>Prerequisite Check\n<ul>\n<li>Validates that the system is ready.\u00a0 Some notices are expected.<\/li>\n<li>All prerequisite checks passed successfully. Click &#8216;Install&#8217; to begin installation. &gt; [Install]\n<ul>\n<li>if this does not display after a few minutes, fix the errors and click &#8220;Rerun prerequisites check&#8221; link to re-run the validation.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h1>Downloading Windows 10<\/h1>\n<p>14: Lame<\/p>\n<h1>Installing Windows 10<\/h1>\n<p>15: <a href=\"https:\/\/www.udemy.com\/windows-server-2016\/learn\/v4\/t\/lecture\/6065548?start=0\" target=\"_blank\" rel=\"noopener\">https:\/\/www.udemy.com\/windows-server-2016\/learn\/v4\/t\/lecture\/6065548?start=0<\/a><\/p>\n<p><a href=\"http:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2018\/04\/Installing-Windows-10-Handout.pdf\" target=\"_blank\" rel=\"noopener\">Installing-Windows-10-Handout<\/a><\/p>\n<h1>Joining our Workstation to our Domain<\/h1>\n<p>16: <a href=\"https:\/\/www.udemy.com\/windows-server-2016\/learn\/v4\/t\/lecture\/6065552?start=0\" target=\"_blank\" rel=\"noopener\">https:\/\/www.udemy.com\/windows-server-2016\/learn\/v4\/t\/lecture\/6065552?start=0<\/a><\/p>\n<p>This was almost too easy.<\/p>\n<ul>\n<li>Set the dns for the IPv4 to the IP of the Domain Controller<\/li>\n<li>When changing the name of the server, you can select the domain to join.\u00a0 Enter the FQDN<\/li>\n<li>Enter the Administrator&#8217;s username and password of the DC to join the domain.\n<ul>\n<li>This is done to confirm the computer is allowed to join the domain.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Main Menu What is a Windows Domain and Domain Controller Adding the Active Directory Domain Services Role &nbsp; What is a Windows Domain and Domain Controller? 12: https:\/\/www.udemy.com\/windows-server-2016\/learn\/v4\/t\/lecture\/5836884?start=15 Windows Domains Domains have been around since Windows NT (1993) Allows administrators to manage large computer networks Generally contain a large number of computers on the same ..<\/p>\n<div class=\"clear-fix\"><\/div>\n<p><a href=\"https:\/\/wiki.thomasandsofia.com\/?p=1354\" title=\"read more...\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[37],"tags":[],"class_list":["post-1354","post","type-post","status-publish","format-standard","hentry","category-microsoft-windows-server-2016"],"_links":{"self":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/1354","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1354"}],"version-history":[{"count":6,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/1354\/revisions"}],"predecessor-version":[{"id":1356,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/1354\/revisions\/1356"}],"wp:attachment":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1354"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1354"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1354"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}