Installing Active Directory

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

The Active Directory Installation Wizard creates the Active Directory database and moves objects from the Windows NT 4.0 Security Accounts Manager (SAM) to the Active Directory database.

Note

  • When you are upgrading to a regional domain in an existing Active Directory forest, ensure that the domain naming master in the forest root domain is running Windows Server 2003 before installing Active Directory on the newly upgraded PDC. This ensures that application directory partitions are created on the first domain controller in the new regional domain.

In addition, on the first domain controller in a new regional domain in an existing forest, the wizard does the following:

  • Prompts the administrator to verify the installation and configuration of the DNS Server service.

  • Configures DNS recursive name resolution forwarding by adding the IP addresses of the existing entries for Preferred DNS server and Alternate DNS server to the list of DNS servers on the Forwarders tab of the Properties sheet for the domain controller.

  • Configures DNS recursive name resolution by root hints, by adding the root hints that are configured on the Preferred DNS server to the list of DNS servers on the Root Hints tab of the Properties sheet for the domain controller.

  • Configures the Preferred DNS server to point to the DNS server that is running locally on the domain controller, and configures the Alternate DNS server to point to the closest DNS server.

  • Creates the DomainDnsZones application directory partition that is used by DNS to hold domain-wide DNS data.

Table 8.5 lists the information that is required to install Active Directory on an upgraded Windows NT 4.0 PDC, together with sample data for installing Active Directory on SEA-EAST-DC01, the first domain controller in a new regional domain in the trccorp.treyresearch.net forest.

Table 8.5   Information to Install Active Directory on a Windows NT 4.0 PDC

Wizard Page or Dialog Box: Create New Domain
Action: Select Child Domain in an existing domain tree

Wizard Page or Dialog Box: Network Credentials
Action: Type the user name and password of an account with sufficient privileges to install Active Directory on this computer, and the fully qualified domain name of the parent domain.

Wizard Page or Dialog Box: Child Domain Installation
Action: Enter the full DNS name of the parent domain and the single label name of the new regional domain.
Example: trccorp.treyresearch.net
         east

Wizard Page or Dialog Box: Database and Log Folders
Action: Type the folder locations specified by your design
Example: The design for Trey Research specifies that the database folder remain in the default location: C:\Winnt\Ntds, and that the log folder is placed on a separate partition: D:\Logs

Wizard Page or Dialog Box: Shared System Volume
Action: Confirm or type the location specified by your design
Example: C:\Winnt\Sysvol

Wizard Page or Dialog Box: DNS Registration Diagnostics
Action: DNS Registration Diagnostics will indicate that it cannot find the name and address of the DNS server with which this domain controller will be registered. This is because the pre-created delegation record points to the local computer and DNS has not been installed on the domain controller at this point.
Select the option to Install and configure the DNS server on this computer and set this computer to use this DNS server as its preferred DNS server.

Wizard Page or Dialog Box: Permissions
Action: Select the security level specified by your design:

  • Permissions compatible with pre-Windows 2000 server operating systems

  • Permissions compatible only with Windows 2000 or Windows Server 2003 operating systems

Example: Because Trey Research currently has services running on Windows NT 4.0–based servers under the context of the Local System account, they selected Permissions compatible with pre-Windows 2000 server operating systems.

Wizard Page or Dialog Box: Directory Service Restore Mode Administration Password
Action: In the Password and Confirm password boxes, type any strong password

Verify that all information on the Summary page is accurate, and then click Finish. After the Active Directory Installation Wizard finishes, you will be prompted to restart the computer. The installation will not be complete until the computer restarts.

For more information about installing and removing Active Directory, see the Active Directory Collection of the Windows Server 2003 Technical Reference (or see the Active Directory Collection on the Web at https://www.microsoft.com/reskit).

After you install Windows Server 2003 Active Directory, enable Remote Desktop for Administration, formerly known as Terminal Services in Remote Administration mode, to enable administrators to log on remotely if necessary. To enable Remote Desktop for Administration, in Control Panel, double-click System, select the Remote tab, and then select Allow users to connect remotely to this computer.
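
The following batch script is an added example, not part of the original guide, that checks after the restart whether the domain controller reflects the choices made in the wizard (folders, DNS, DomainDnsZones, the Permissions setting, and Remote Desktop). It assumes the Windows Server 2003 Support Tools (dcdiag and dnscmd) are installed and that it is run locally on the new domain controller.

```bat
@echo off
rem Added example: post-restart checks for the settings chosen in the
rem Active Directory Installation Wizard. Assumes dcdiag and dnscmd from the
rem Windows Server 2003 Support Tools are on the PATH of the new DC.
setlocal
set NTDS=HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
set TS=HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server

echo == Database and log folders: compare with the design ==
reg query "%NTDS%" /v "DSA Database file"
reg query "%NTDS%" /v "Database log files path"

echo == Shared System Volume: SYSVOL and NETLOGON shares ==
net share | findstr /i "SYSVOL NETLOGON"
if errorlevel 1 echo REVIEW: SYSVOL and NETLOGON are not shared yet

echo == DNS client settings: the preferred server should be this computer ==
netsh interface ip show dns

echo == DNS server settings, including the forwarders list ==
dnscmd /Info

echo == Application directory partitions: expect DomainDnsZones ==
dnscmd /EnumDirectoryPartitions | findstr /i "DomainDnsZones"
if errorlevel 1 echo REVIEW: DomainDnsZones partition was not found

echo == Permissions page: Pre-Windows 2000 Compatible Access members ==
rem Everyone and ANONYMOUS LOGON as members mean the pre-Windows 2000
rem compatible option was selected; record it so it can be revisited once
rem the Windows NT 4.0-based servers that needed it are gone.
net localgroup "Pre-Windows 2000 Compatible Access"
net localgroup "Pre-Windows 2000 Compatible Access" | findstr /i /c:"Everyone" /c:"ANONYMOUS LOGON" >nul
if not errorlevel 1 echo REVIEW: pre-Windows 2000 compatible permissions are in effect

echo == Remote Desktop for Administration: 0x0 means connections are allowed ==
reg query "%TS%" /v fDenyTSConnections

echo == Domain controller health: dcdiag /q prints errors only ==
dcdiag /q
endlocal
```

Lines that begin with REVIEW mark results to compare against the design rather than failures; in the Trey Research example the pre-Windows 2000 compatible setting is expected.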