Building My Capture and Deployment Server – Part IV: Setting up Active Directory
This is the fourth part of my series on building my capture and deployment server. In Part I, I defined the virtual machine settings I used. In Part II, I installed Windows Server 2008 R2 x64 SP1 Enterprise Edition and did initial configurations. In Part III, I configured Network Address Translation. In this part, I will configure Active Directory as one of the prerequisites for Windows Deployment Services.
Configure Active Directory
Since I want to use Windows Deployment Services (WDS) to deploy images to virtual machines, I have to install its prerequisites first. There are three requirements for WDS: Active Directory, DNS, and DHCP. Luckily, Active Directory also requires DNS, so we will kill two birds with one stone here.
In Server Manager, right click Roles and select Add Roles. Click next on the first screen.
Put a check in the box next to Active Directory Domain Services.
If you do not have the .NET 3.5.1 feature enabled, you will be prompted to install it as well. Click Add Required Features. As a side note, I have the .NET 4 framework installed, but the requirements are coded to check for this specific feature. It is an interesting situation.
After adding the required feature, click Next twice and click Install.
Once the installation finishes, close the Add Roles Wizard. The next step is to run dcpromo.exe. Click on Start, Run, and type dcpromo.exe and hit OK. The Active Directory Domain Services Installation Wizard will appear. Click Next twice.
Here we will select to create a new domain in a new forest. Click Next.
Select a fully qualified domain name (FQDN) for the new domain. I selected “contoso.local”. After you click Next, the wizard checks whether that name is already in use on the local network.
Once the check passes, you will be prompted to select a Forest functional level. Since I don’t have any legacy servers or applications to worry about, I select Windows Server 2008 R2 level and click Next.
The wizard does a quick check for DNS and then prompts me to install it along with making this server a Global Catalog for Active Directory. Click Next.
Here the wizard is complaining because my External NIC is configured for DHCP and it warns me that without a static IP address, some clients might not be able to find the DNS server. Since the internal NIC does have a static IP, and it is the only network that I care about for this DNS server to support, I choose to continue with DHCP.
Here it is complaining that there is no authoritative parent zone for DNS. Since this is the first DNS server in the network, this is expected. Click Yes to continue.
We’re now prompted to select locations for the Active Directory database, the log file, and the sysvol folder that houses GPOs, startup scripts, etc. I left it at the default settings and clicked Next.
Select a password for the Directory Services Restore Mode. This is for use if Active Directory becomes corrupted, or a malicious admin deletes all the users. You can boot a domain controller into restore mode and restore a backup of the Active Directory database.
We do a final review of the settings we selected and kick off the configuration. This will take a little while and require a reboot.
Once the install is finished, it will prompt you to restart.
Once the restart is completed, we have a fully functioning Active Directory and DNS server.
As a side note on DNS: with the settings as they are now, there are two DNS “resolvers” for the server. The External NIC has its DNS server entries set to my router's DNS due to DHCP, while the Internal NIC is configured to use the local host DNS server. The internal network can resolve DNS records due to the Internal NIC's DNS configuration. In a real environment, I would also set the External NIC's DNS configuration to blank and ensure the Internal NIC is at the top of the network bindings. This would then have both NICs resolving from the same DNS server.
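The split-resolver situation described in the side note can be checked from PowerShell on the server. This is an added example, not part of the original post; it assumes PowerShell 2.0 as shipped with Windows Server 2008 R2, and the variable and column names are illustrative.

```powershell
# Added example: list the DNS servers each IP-enabled NIC on this server uses
# and flag any entry that is not one of the server's own addresses.
# Written for PowerShell 2.0 (Windows Server 2008 R2).

$adapters = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled = TRUE")

# Addresses that mean "the DNS service on this machine": loopback plus every
# address bound to a local adapter (for example the Internal NIC's static IP).
$localAddresses = @('127.0.0.1', '::1')
foreach ($a in $adapters) { $localAddresses += @($a.IPAddress) }

$report = foreach ($a in $adapters) {
    # DNSServerSearchOrder is $null when no DNS servers are configured.
    $dns     = @($a.DNSServerSearchOrder | Where-Object { $_ })
    $foreign = @($dns | Where-Object { $localAddresses -notcontains $_ })
    New-Object PSObject -Property @{
        Adapter     = $a.Description
        DHCP        = $a.DHCPEnabled
        DnsServers  = ($dns -join ', ')
        NonLocalDns = ($foreign -join ', ')
    }
}

# Select-Object fixes the column order (hashtable order is not preserved in 2.0).
$report | Select-Object Adapter, DHCP, DnsServers, NonLocalDns | Format-Table -AutoSize

$flagged = @($report | Where-Object { $_.NonLocalDns })
if ($flagged.Count -gt 0) {
    Write-Warning ("{0} adapter(s) resolve through a DNS server other than this host." -f $flagged.Count)
} else {
    Write-Output "All adapters resolve through the local DNS server (or have no DNS server set)."
}
```

With the configuration described in this post, the External NIC is the adapter that gets flagged, because DHCP points it at the router's DNS.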
- Building My Capture and Deployment Server – Part I – Virtual Machine Settings
- Building My Capture and Deployment Server – Part II – Windows Server 2008 R2 install and configuration
- Building My Capture and Deployment Server – Part III – Setting up Network Address Translation
- Building My Capture and Deployment Server – Part IV – Setting up Active Directory
- Building My Capture and Deployment Server – Part V – Setting up DHCP
- Building My Capture and Deployment Server – Part VI – Setting up Windows Deployment Services
- Building My Capture and Deployment Server – Part VII – Setting up Microsoft Deployment Toolkit 2012