Showing posts with label Active Directory.

Guide To Install Read-Only Domain Controller (RODC)

Before installing an RODC in a domain environment, the following requirements must be met:

  • The forest functional level must be Windows Server 2003 or higher
  • At least one writable domain controller running Windows Server 2008 or higher is needed
If the forest has any DC running Windows Server 2003, we need to adjust permissions on the DNS application directory partition to allow them to replicate to the RODC. This can be done by running adprep /RODCprep from the \support\adprep folder on the Windows Server 2012 installation disk.
In my demo setup I have a domain called contoso. Before we start, let's check the forest functional level.
  • To do that, log in to the DC as domain admin and open "Server Manager"
  • Then from Tools click on "Active Directory Domains and Trust"
  • Right click on the domain and select "Properties"
As we can see here, it runs at Windows Server 2012 R2, so we do not need to prepare the domain.
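The same prerequisite check can be scripted rather than read from the GUI. The following is an added example, not part of the original post; it assumes the ActiveDirectory PowerShell module (RSAT) is installed and that the session runs as a user who can query every domain in the forest.

```powershell
# Added example: pre-flight check for the RODC requirements listed above.
# Assumes the ActiveDirectory module (RSAT) and a domain-joined session.
Import-Module ActiveDirectory

$forest = Get-ADForest

# Forest functional levels below Windows Server 2003
$belowMinimum = 'Windows2000Forest', 'Windows2003InterimForest'
$forestOk = $belowMinimum -notcontains $forest.ForestMode.ToString()

# Collect every domain controller in every domain of the forest
$dcs = foreach ($domain in $forest.Domains) {
    Get-ADDomainController -Filter * -Server $domain
}

# OperatingSystemVersion looks like "6.3 (9600)"; keep the "major.minor" part
$inventory = foreach ($dc in $dcs) {
    $osVersion = [version](($dc.OperatingSystemVersion -split ' ')[0])
    [pscustomobject]@{
        Name       = $dc.HostName
        OS         = $dc.OperatingSystem
        Version    = $osVersion
        IsReadOnly = $dc.IsReadOnly
    }
}

# Requirement: at least one writable DC on Windows Server 2008 (6.0) or higher
$writable2008 = @($inventory | Where-Object { -not $_.IsReadOnly -and $_.Version -ge [version]'6.0' })

# Windows Server 2003 / 2003 R2 DCs report version 5.2
$legacy2003 = @($inventory | Where-Object { $_.Version.Major -eq 5 -and $_.Version.Minor -eq 2 })

[pscustomobject]@{
    ForestMode            = $forest.ForestMode
    ForestLevelOk         = $forestOk
    WritableDc2008OrLater = $writable2008.Name -join ', '
    WritableDcOk          = $writable2008.Count -gt 0
    RodcPrepNeeded        = $legacy2003.Count -gt 0   # run adprep /RODCprep if true
    Server2003Dcs         = $legacy2003.Name -join ', '
}
```

If RodcPrepNeeded is true, the forest still contains Windows Server 2003 DCs and adprep /RODCprep must be run before the RODC is promoted.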

GUIDE TO MIGRATE FSMO ROLES FROM WINDOWS 2003 SERVER TO WINDOWS 2012 R2 SERVER



Even though it has been over a decade since the release of Windows Server 2003, it is no wonder that organizations are still using Windows Server 2003 / Windows Server 2003 R2 for their domain controllers. Microsoft has announced that support for Windows Server 2003 / Windows Server 2003 R2 ends on July 14th, 2015 (http://support2.microsoft.com/lifecycle/search/default.aspx?sort=PN&alpha=Microsoft+Windows+Server+2003&Filter=FilterNO). So the day has come to plan the upgrade if you are still running those versions in your infrastructure.


This guide will explain how we can transfer the DC FSMO roles from Windows Server 2003 to Windows Server 2012 R2, which is the latest version. In a Windows DC environment the FSMO roles hold all the information about the DC, and all 5 roles must be working correctly to maintain a proper DC environment. The 5 FSMO roles are as follows:
•    Schema master
•    Domain naming master
•    RID master
•    PDC emulator
•    Infrastructure master
You can find more information about these roles at http://support.microsoft.com/kb/197132
For the demonstration I am using the following setup:


| Server Name | Operating System | Server Roles |
|---|---|---|
| canitpro-dc2k3.canitpro.local | Windows server 2003 SP2 x86 | Active Directory FSMO roles, DNS |
| CANITPRO-DC2K12.canitpro.local | Windows server 2012 R2 x64 | Additional Domain Controller, DNS |
So here I have already added the Windows Server 2012 R2 server to the domain and made it an additional domain controller. Currently it does not hold any FSMO roles. My plan is to migrate all the FSMO roles to the Windows Server 2012 R2 server.
Note: Previously, when adding a Windows Server 2008 server to a Windows Server 2003 environment, we first needed to prepare the forest and domain schema by running adprep /forestprep and adprep /domainprep from the Windows Server 2008 source files (\support\adprep). With Windows Server 2012 you do not need to worry about this when adding the 2012 server as an additional domain controller. When you run dcpromo, it will automatically apply the update to the Windows Server 2003 environment remotely.

GUIDE TO MIGRATE ACTIVE DIRECTORY CERTIFICATE SERVICE FROM WINDOWS SERVER 2003 TO WINDOWS SERVER 2012 R2.


Microsoft has already announced that support for Windows Server 2003 / Windows Server 2003 R2 is coming to an end on 14th July 2015 (http://support2.microsoft.com/lifecycle/search/default.aspx?sort=PN&alpha=Microsoft+Windows+Server+2003&Filter=FilterNO). It's no wonder that some organizations still use Windows Server 2003 versions in their production environments.


If you have still not planned your migration from legacy Windows Server versions, well, the time has come!
This guide will explain how we can migrate AD CS from Windows Server 2003 to Windows Server 2012 R2.
In this demonstration I am using the following setup:
| Server Name | Operating System | Server Roles |
|---|---|---|
| canitpro-casrv.canitpro.local | Windows Server 2003 R2 Enterprise x86 | AD CS ( Enterprise Certificate Authority ) |
| CANITPRO-DC2K12.canitpro.local | Windows Server 2012 R2 x64 | - |
Back up the Windows Server 2003 certificate authority database and its configuration
•    Log in to the Windows 2003 server as a member of the local administrators group
•    Go to Start > Administrative Tools > Certificate Authority
•    Right click on the server node > All Tasks > Backup CA
•    This opens the “Certification Authority Backup Wizard”; click “Next” to continue
•    In the next window, tick the check boxes to select the options as highlighted and click “Browse” to provide the path where the backup file will be saved. Then click “Next” to continue

GUIDE STEPS TO SETUP ACTIVE DIRECTORY ON WINDOWS SERVER 2008

This tutorial will explain how to install AD on Windows Server 2008, as well as on Windows Server 2008 R2.

Requirement:
Minimum: Single processor with 1.4 GHz (x64 processor) or 1.3GHz (Dual Core)
Minimum: 512 MB RAM
Minimum: 32 GB or greater
  • The first step is to assign an IP address to the server on which you are going to deploy AD. It is necessary to install it as a DNS server too, so it is better to have a fixed IP address. This does not mean you cannot install AD without a fixed IP address, but using a fixed IP will solve a lot of issues.
Here the server IP is 10.0.0.14. Since we are going to make it a DNS server too, you should use the