The Introduction of Active Directory with the release of Windows 2000, marked a radical change for the Windows Server platform, something that people are still only getting adjusted to. As a central factor of the Windows platform, Active Directory service helps to manage identities and relationships that constitute a network environment.
An important point to note is that Windows Server 2003 makes Active Directory much easier to manage, providing an ease for migration and deployment. In this article, we will be taking a brief look at the steps to set up a simple Active Directory System.
An Active Directory Domain is a logical grouping of computers that share common security and user account information, for the purpose of centralized administration. A computer that maintains the directory information for a domain is called a Domain Controller. In other words, the machine on which we install active directory becomes the domain controller.
Before getting into the implementation of an active directory, it’s important to understand its significance in a corporate network. Consider a small network having about 30 computers. In this case, it is easy for the user to search for a network file share or network printer by simply specifying its physical location.
But how about the case of a corporate network, which could be having hundreds of computers that are spread across the country. And here exactly lies the importance of an active directory, which allows a user to search for a published resource without any overhead.
 |
Expanding on the foundation that was set up in Windows 2000, Windows Server 2003 definitely has improved the versatility, manageability, and dependability of Active Directories. |
Here’s yet another scenario where Active Directory can become useful. In a non-active directory network, the profiles for the user accounts are stored locally in that machine. A user will need to have accounts in every machine in which he has to login. Whereas, in the case of an active directory based network, there exists a centralized user profile and the employees can login to any machine under the domain. You can well imagine the amount of time that can be saved by an administrator with this and also the flexibility that it provides to its users.
Active Directory Installation Requirements
- Windows 2000 server / Windows 2003 server
- Administrative Privileges
- TCP/IP should be configured with DNS.
- DNS server with SRV records.
- A minimum of 250 MB free hard disk space. 200 MB of which is for the NTDS database files and 50 MB for the transaction log (Need not be in the NTFS partition)
- At least one NTFS partition for public data (SYSVOL)
Active Directory Installation
You can set up an active directory by running the “dcpromo” utility and then completing the resulting wizard. Let’s have a look into the steps in detail.
-
Before running DCPROMO, you need to configure the NIC card with an IP address and also the IP address of the DNS server. You can specify the same IP for both the entries, if you are going to setup the DNS server in the same machine itself.
-
Run DCPROMO.
-
On the “Domain Controller Type” page, choose the option “Domain controller for a new domain”.
-
On the “Create a New Domain” page, select the option “Domain in a new forest”, since you are creating the first tree in the forest.
-
The next one is the “New Domain Name” page that allows you to specify the name of the new domain that you are creating.
-
On the “NetBIOS Domain Name” page, you should specify a NetBIOS name for the machine.
-
In the “Database and log Folders” page, specify the file system locations for the active directory database and the log file. By default, this will be: C:WINDOWSNTDS.
-
Next is the “Shared System Volume” page, which allows you to select the file system location for the shared system volume folder. This folder is used to store the domain information that is replicated to all the other domain controllers of the domain. In the default case, it is: C: WINDOWSSYSVOL.
-
On the “Directory Services Restore Mode Administrative Password” page, you need to provide a “Directory Services Restore Mode Administrative Password”. In the event of Active directory loss or corruption, this password is used to restore the Active Directory.
-
In the last page, “Summary”, you will be presented with a summary of all your choices. Verify the options and click the “Next” button to kick off the Active Directory Installation process.
|
An Active Directory Domain is a logical grouping of computers that share common security and user account information, for the purpose of centralized administration. |
That completes the steps to install an Active Directory system. Now, let’s have a look at the steps required to join a client computer to the domain.
-
Select System Applet from Control Panel.
-
Select Network Identification Tab. Click change.
-
Next, choose the Domain tab. Type in the name of the Active directory domain that this computer should join.
-
Enter the administrative login details of the domain.
-
Now reboot the computer for the changes to take effect.
Conclusion
This article explains only the steps that are required to set up a single domain Active Directory system in Windows 2003. Expanding on the foundation that was set up in Windows 2000, Windows Server 2003 definitely has improved the versatility, manageability, and dependability of Active Directories.
Organizations can benefit from further reductions in cost, along with the increase in efficiency. It also enhances the administrator’s ability to efficiently manage an Active Directory system even in very large enterprises with better tools like drag-and-drop capabilities, multi-object selection, and the ability to save and re-use queries.
When the current version of Active Directory is so good to go by, its future is indeed promising.
About the Author :
Hari Vishnu, Software Engineer has been working with Bobcares for more than an year now. He has expertise in both Windows and Linux server Administration, and he is considered to be a master when it comes to Windows servers. Apart from the technical side, he has gained a reputation as a gifted stage performer too.
Dear Hari,
I read your article (Active Directory) published in Bobcares site.It is very useful information for system administration.We are expecting these articles in future also.
Thanks&Regards
Muhamed.S
System Admin
Logic Software Solutions
TVM