Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Section A.5. Chapter 6: Creating the Simple Ad: The One-Domain, One-Location...

A.5. Chapter 6: Creating the Simple Ad: The One-Domain, One-Location AD


Create a single-domain forest

Any Windows Server 2008 R2 server can be promoted to a domain controller to create a single-domain forest. A DC hosts an instance of Active Directory Domain Services.


Master It

You want to promote a server to a DC and create a single-domain forest. What should you do?


Solution

Run DCPromo, and follow the wizard to create a new forest.


Add a second DC to the domain

A single DC represents a potential single point of failure. If it goes down, the domain goes down. Often administrators will add a second DC to the domain.


Master It

You want to add a second DC to your domain. What should you do?


Solution

Run DCPromo on a Windows Server 2008 R2 server, and follow the wizard to add a second DC to an existing domain.


Decide whether to add a global catalog

A global catalog server hosts a copy of the global catalog. Any domain controller can become a GC, but only the first domain controller is a GC by default.


Master It

You are promoting a second server to a domain controller in your single-domain forest. Should you make it a GC?


Solution

Yes. In a single-domain forest, all domain controllers should also be global catalog servers. This provides redundancy in the domain without any additional overhead.


Create accounts

Any domain needs to host user and computer accounts representing users and computers that will access the domain. There are several ways to create user and computer accounts.


Master It

What are two methods that can be used to create a user account? One is a GUI, and the other is a command-line tool.


Solution

Active Directory Users and Computers and the DSAdd command-line tool.


Create fine-grained password policies

Windows Server 2008 introduced the ability to create multiple password policies within a domain by using fine-grained password policies. You can use a fine-grained password policy to assign a different password policy to a user or group within the domain.


Master It

You want to create a fine-grained password policy for a group of administrators in your network. What should you create, and what tool should you use?


Solution

Create a password settings object using the ADSI Edit tool. You can also apply the PSO object to users or groups using Active Directory Users and Computers.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint