Computer Performance, Windows Server 2003

Guy recommends :
Free Permissions
Analyzer Tool

Solarwinds Free Download of Permissions Analyzer

 

View the effective permissions for a folder or shared drive. Free download try it now!

 
Custom Search

Guy recommends:
Free network monitor

Solarwinds Network Device Monitor

SolarWinds' monitor makes it easy to check the performance of your router or firewall.

Download your free Network Device Monitor

Guy's Review of Computer Tools

 1) Belarc Advisor
 2) Engineers Toolset
 3) Freeping
 4) PuTTY
 5) Permission Analyzer
 6) Secunia
 7) Net-SNMP
 8) Mobile IT Admin App
 9) DNS Stuff
10) WinDiff Compare

Windows Server 2003 - Installing Active Directory

Part 2 - Installing Active Directory

With installations, 7 minutes of planning will save an hour for rework. The secret of troubleshooting Active Directory installs is mastering DNS.  I find NSLookup invaluable, also Ipconfig's new switches /registerdns and /flushdns are handy.

Topics for Installing Active Directory

  ‡

What's new in Windows Server 2003?

  • Check a new program ADPREP.  It has /forestprep switches like Exchange.
  • Install a brand new Domain Controller from a back up of an existing server.

ADPREP

Here is a built-in command line tool that will prepare the schema.  It does not actually install the NDTS.dit files but it does prepare the forest or the individual domain for Active Directory.

ADPREP /forestprep

ADPREP /domainprep

DCPROMO /adv

If you already have a working domain controller, backup the system state, go to a member server, run DCPROMO /adv then point the wizard to the backup files

Procedure for creating a Domain Controller

The key to success is preparation: 

Decide your DNS and enter the name in the Computer Name Tab in the System Icon (Windows Key DCPROMO + Pause).  Whilst this section deals with the nuts and bolts of an installation, take care to design your Active Directory forest, for example, account naming strategy, top level OUs, group policies.

Now you are ready to run DCPROMO.

DCPROMO decisions

To call for the Active Directory Installation Wizard, Start, Run DCPROMO and answer these questions:

  1. New Domain - or Replica (another DC in the same domain)
  2. Domain Tree in existing forest - or New Domain Tree
  3. Domain in New Forest

Guy Recommends 3 Free Active Directory ToolsDownload Solarwinds Active Directory Administration Tool

SolarWinds have produced three Active Directory add-ons.  These free utilities have been approved by Microsoft, and will help to manage your domain by:

  1. Seeking and zapping unwanted user accounts.
  2. Finding inactive computers.
  3. Bulk-importing new users.  Give this AD utility a try, it's free!

Download your FREE Active Directory administration tools.

Crucial Install DNS Stage

There are many ways of installing DNS, but I favour doing as little as possible myself, and letting the DCPROMO Wizard do as much as possible.  For Example, here is a crucial stage where DCPROMO needs DNS, I always select the middle option, ' Install and Configure DNS on this computer...'  To be crystal clear, I do NOT configure DNS myself, I let the Wizard create all those _msdcs records.

DCPROMO DNS Windows Server 2003.

 

See much more on DNS here

Best practice

Remember that the Active Directory can grow so make sure the partition has at least 300 MB of free space for NTDS.dit itself, and 100 MB for the log files.  Talking of the logs, install the edbxxx.log files on a separate disk.

Post installation considerations

To verify that installation has run smoothly check the following:

  1. DNS _SRV record: _msdcs, _sites, _tcp, _udp.  Also the GC, DC records are essential for users to find the global catalog and domain controller in order to logon.  If these records do not appear, try stopping and starting the Netlogon service.
  2. Run %systemroot%\sysvol and look for domain folders.
  3. Check the System and Directory Service Event logs for error messages.

Demotion back to member server

If the worst comes to the worst, run DCPROMO to demote, then try again making different decisions.

Guy Recommends: Permissions Analyzer - Free Active Directory ToolFree Permissions Analyzer for Active Directory

I like the Permissions Monitor because it enables me to see quickly WHO has permissions to do WHAT.  When you launch this tool it analyzes a users effective NTFS permissions for a specific file or folder, takes into account network share access, then displays the results in a nifty desktop dashboard!

Think of all the frustration that this free utility saves when you are troubleshooting authorization problems for users access to a resource.  Give this permissions monitor a try - it's free!

Download Permissions Analyser - Free Active Directory Tool

See Also

 *

Custom Search

Site Home

Guy Recommends: SolarWinds' NPM - Review of Orion NPM
Network Performance Monitor

SolarWinds' performance monitor is designed for detecting network outages, making it easy to see what's working, and what needs your attention.

This utility guides you through creating network maps; it also helps identifying whether the root cause is faulty equipment, or resource overload. Give NPM a try.

Download a free trial of Network Performance Monitor

Author: Guy Thomas Copyright © 1999-2013 Computer Performance LTD All rights reserved.

Please report a broken link, or an error to: