Active Directory Configurations

When you are installing Active Directory on a stand-alone server (a member of a workgroup) or member server (a member of a Windows 2000 domain) that is running Windows 2000 Server, you can create one of the following configurations:

• The first domain in a new tree in a new forest

• The first domain in a new tree in an existing forest.

• A child domain in an existing tree.

• An additional domain controller in an existing domain.

During the installation of Windows 2000 Server, the default Active Directory database file (Ntds.dit) is placed in the %SystemRoot%\System32 directory. In this location, the file does not function as the directory database; it exists as a distribution copy so that you do not have to use the operating system CD to install Active Directory.

Ntds.dit includes the default copy of the schema and configuration directory partitions, as well as a default domain directory partition. During the installation of Active Directory, the default copy of the schema and configuration directory partitions (along with the domain directory partition if the domain controller is an additional domain controller in the domain) are synchronized with existing domain controllers for that domain. At the completion of the installation process, Active Directory is fully synchronized and available for updates on the new server.

Note

During the installation of Active Directory, you can stop the replication process and allow noncritical replication to finish later. To stop the replication process, click the Finish Replication Later button when it appears. Replication then continues after the computer is restarted as part of the normal replication activity of the domain controller. The domain controller does not advertise itself until replication is complete.

Installation of Active Directory occurs through different pathways, depending on the nature of the Windows 2000 Server installation. The following are the scenarios for installing Windows 2000 Server:

• When you install Windows 2000 Server as the first operating system (fresh install) or replace or upgrade an existing operating system on a computer that is not a domain controller, you create either a Windows 2000 stand-alone server or member server, and then install Active Directory as one of the following:

  • A new domain

  • An additional domain controller in an existing domain

• When you upgrade an existing Windows NT 4.0 backup domain controller, the Active Directory Installation Wizard starts automatically after the upgrade setup is completed. In this case, there are two choices; do either of the following:

  • Add Active Directory, which creates an additional domain controller in an existing domain.

  • Convert the backup domain controller to a member server joined to an existing domain.

• When you upgrade an existing Windows NT 4.0–based primary domain controller, you have to install Active Directory as a new domain.

Figure 2.9 shows the various pathways from Windows 2000 Server setup to Active Directory installation.

Figure 2.9 Windows 2000 Server Setup and Active Directory Installation

For more information about trees and forests, see "Active Directory Logical Structure" in this book. For more information about the Ntds.dit file, see "Directory Data Store" earlier in this chapter. For more information about directory partitions, see "Directory Partitions" earlier in this chapter.