Chapter 01: Environment Deployment

Author: Matt Song
Date: 12/25/2010

Topology:

clip_p_w_picpath002

Machine List:

Hostname

Domain

IP

OS

SKU

Role

DCR2SP1NODE01

contoso.ha

192.168.1.145

Windows 2008 R2 SP2

ENT

Cluster Node

DCR2SP1NODE02

contoso.ha

192.168.1.146

Windows 2008 R2 SP2

ENT

Cluster Node

DCCRONTROLLER

contoso.ha

192.168.1.140

Windows 2008 R2

ENT Core

Domain Controller

Openfiler

N/A

192.168.1.180

Openfiler 2.3

N/A

Storage Server

Step 1: Promo a machine to domain controller to create a domain

About how to promo a full installed machine to domain controller, refer to:

http://mattsong.blog.51cto.com/2355482/428622

This time we gonna promo machine with server core SKU installed, which is a little different with promotion on a full installed server. The most common way (or should say the most lazy way…) is generate a unattended file from another full installed windows 2K8 machine, and copy it to server core machine then run “dcpromo.exe /unattend:[unattended file] “ 

1. On DCR2SP1NODE01, run “dcpromo” to start AD domain service installation wizard

2. Configure everything you need, go to the summary page, click “Export Settings…” and save the unattended file.
clip_p_w_picpath004

3. By default, the unattended file won’t save the Safe Mode Admin Password you set on it, so open the unattended file, input a password behind “SafeModeAdminPassword=”. For more detail information you can refer to the script below:

; DCPROMO unattend file (automatically generated by dcpromo)
; Usage:
; dcpromo.exe /unattend:C:\Users\Administrator\Documents\unattend.txt
;
[DCInstall]
; New forest promotion
ReplicaOrNewDomain=Domain
NewDomain=Forest
NewDomainDNSName=contoso.ha
ForestLevel=4
DomainNetbiosName=CONTOSO
DomainLevel=4
InstallDNS=Yes
ConfirmGc=Yes
CreateDNSDelegation=No
DatabasePath="C:\Windows\NTDS"
LogPath="C:\Windows\NTDS"
SYSVOLPath="C:\Windows\SYSVOL"
; Set SafeModeAdminPassword to the correct value prior to using the unattend file
SafeModeAdminPassword=!!123abc
; Run-time flags (optional)
; RebootOnCompletion=Yes

4. Copy the unattended file to DCCRONTROLLER (you can use \\DCCRONTROLLER\C$), run “dcpromo.exe /unattend:C:\unattended.txt]”.
? Note: Always keep in mind, before you promo a server to DC, you should set a static IP address for your machine. For server core, it would be easy to achieve this by using “sconfig” command. Like the below figure shows:
clip_p_w_picpath006

5. Wait for a while until the system reboot, now our DC has been created J. You can use “systeminfo | findstr -i domain”
clip_p_w_picpath007

Step 2: Manage Domain Controller

After created the domain controller, we should do some settings to make it available for remote management.

Disable firewall

In our environment, firewall is needless since our case is just for test purpose, so just run “netsh advfirewall set currentprofile off” to disable it.

Note: On windows server 2008 R2 SP1 and further version, this command is not available any more. Instead we are using “netsh advfirewall”. Find more detail at:
http://support.microsoft.com/kb/947709

Enable remote management

1. On DCCRONTROLLER, run “sconfig” to start server configuration tool, input corresponding number to get into remote management setting page.
clip_p_w_picpath009

2. Choose 3 to enable server manager tool remote connection
clip_p_w_picpath011

Now, DCCRONTROLLER is ready for remote management.

Step 3: Configure the domain members

First thing we should do is join DCR2SP1NODE01 and DCR2SP1NODE02 into contoso.ha.

After these two node become domain member, now we will choose one of them to manage the DC.

1. On DCR2SP1NODE01, open Server Manager, right click “Roles” and click “Add Roles” to start Add Roles Wizard;

2. Select ”Active Directory Domain Services” and click “Next”;clip_p_w_picpath013

3. Go to the Confirmation page and click install

4. After installation finished, close server manager and reopen it, right click server manager and click “Connect to Another Computer”
clip_p_w_picpath015

5. Input DCCRONTROLLER and click “OK”;
clip_p_w_picpath017

6. Now you will see the server name was changed to “DCCONTROLLER” and you can almost manage all the settings DCCONTROLLER.
clip_p_w_picpath019

7. Navigate to the left side of “Role”, keep extending until you see the “Active Directory Users and Computers”. Sometime it may have a red cross on it, just right click it and click “Change domain controller”.
clip_p_w_picpath021

8. As the below figure shows, select the corresponding DC in your domain.
clip_p_w_picpath023

9. Now, it all done : )
clip_p_w_picpath025