Scenario
A. Datum Corporation is a global engineering and manufacturing company with a head office based in London, England. An IT office and a data center are located in London to support the London location and other locations. A. Datum has recently deployed a Windows Server 2012 infrastructure with Windows 8 clients.
You have been asked by your manager to install a new domain controller in the data center to improve logon performance. You have been asked also to create a new domain controller for a branch office by using IFM.
Objectives
After performing this lab, you will be able to:
• Install a domain controller.
• Install a domain controller by using IFM.
Lab Setup
Estimated Time: 45 minutes
Virtual machines DC1 (start first) SVR1 RTR
20410B-LON-SVR2
User name Adatum\Administrator
Password Pa$$w0rd
For this lab, you will use the available virtual machine environment. Before beginning the lab, you must complete the following steps:
1. On the host computer, click Start, point to Administrative Tools, and then click Hyper-V Manager.
2. In Hyper-V® Manager, click 20410B-LON-DC1, and in the Actions pane, click Start.
3. In the Actions pane, click Connect. Wait until the virtual machine starts.
4. Sign in using the following credentials:
o User name: Administrator o Password: Pa$$w0rd o Domain: Adatum
5. Repeat steps 1 to 3 for 20410B-LON-SVR1, 20410B-LON-RTR, and 20410B-LON-SVR2.
Exercise 1: Installing a Domain Controller
Scenario
Users have been experiencing slow logons in London during peak usage times. The server team has determined that the domain controllers are overwhelmed when many users are authenticating simultaneously. To improve logon performance, you are adding a new domain controller in the London data center.
The main tasks for this exercise are as follows:
1. Add an Active Directory® Domain Services (AD DS) role to a member server.
2. Configure a server as a domain controller.
3. Configure a server as a Global Catalog server.
Task 1: Add an Active Directory Domain Services (AD DS) role to a member server
1. On LON-DC1, in Server Manager, add LON-SVR1 to the server list.
2. Add the Active Directory Domain Services server role to LON-SVR1. Add all required features as prompted.
3. Installation will take several minutes. When the installation completes, click Close to close the Add Roles and Features Wizard.
Task 2: Configure a server as a domain controller
• On LON-DC1, use Server Manager to promote LON-SVR1 to a domain controller, and choose the following options:
o Add a domain controller to the existing Adatum.com domain.
o Use the credentials Adatum\Administrator with the password Pa$$w0rd.
o For Domain Controller Options, install the Domain Name System, but remove the selection to install the global catalog.
o The DSRM password is Pa$$w0rd.
o For all other options, use the default options.
Task 3: Configure a server as a Global Catalog server
1. Sign in to LON-SVR1 as Adatum\Administrator with the password Pa$$w0rd.
2. Use Active Directory Sites and Services to make LON-SVR1 a global catalog server.
Results: After completing this exercise, you should have explored Server Manager and promoted a member server to be a domain controller.
Exercise 2: Installing a Domain Controller by Using IFM
Scenario
You have been assigned by management to manage one of the new branch offices that are being configured. A faster network connection is scheduled to be installed in a few weeks. Until that time, network connectivity is very slow.
It has been determined that the branch office requires a domain controller to support local logons. To avoid problems with the slow network connection, you are using IFM to install the domain controller in the branch office.
The main tasks for this exercise are as follows:
1. Use the Ntdsutil tool to generate IFM.
2. Add the AD DS role to the member server.
3. Use IFM to configure a member server as a new domain controller.
Task 1: Use the Ntdsutil tool to generate IFM
• On LON-DC1, open an administrative command-line interface, and use Ntdsutil to create an IFM backup of both the AD DS database and the SYSVOL folder. The commands to create the backup are as follows:
Ntdsutil Activate instance ntds Ifm Create sysvol full c:\ifm
Task 2: Add the AD DS role to the member server
1. Switch to LON-SVR2, and sign in as Adatum\Administrator with the password Pa$$w0rd.
2. Open a command prompt and map the drive letter K: to \\LON-DC1\C$\IFM.
3. Use Server Manager to install the AD DS server role on LON-SVR2.
Task 3: Use IFM to configure a member server as a new domain controller
1. On LON-SVR2, open a command prompt and then copy the IFM backup from K: to C:\ifm.
2. On LON-SVR2, use Server Manager with the following options to perform the post-deployment configuration of AD DS:
o Add a domain controller to the existing Adatum.com domain.
o Use Adatum\administrator with the password Pa$$w0rd for credentials.
o Use Pa$$w0rd for the DSRM password.
o Use the IFM media to configure and install AD DS. Use the location C:\IFM for the IFM media.
o Accept all other defaults.
3. Restart LON-SVR2 to complete the AD DS installation.
Results: After completing this exercise, you should have installed an additional domain controller for the branch office by using IFM.
To prepare for the next module
When you have completed the lab, revert the virtual machines back to their initial state. To do this, complete the following steps:
1. On the host computer, start Hyper-V Manager.
2. In the Virtual Machines list, right-click 20410B-LON-DC1, and then click Revert.
3. In the Revert Virtual Machine dialog box, click Revert.
4. Repeat steps 2 and 3 for 20410B-LON-SVR1, 20410B-LON-RTR, and 20410B-LON-SVR2.
Module Review and Takeaways
Review Questions
Question: What are the two main purposes of OUs?
Question: Why would you need to deploy an additional tree in the AD DS forest?
Question: Which deployment method would you use if you had to install an additional domain controller in a remote location that had a limited WAN connection?
Question: If you needed to promote a Server Core installation of Windows Server 2012 to be a domain controller, which tool or tools could you use?