ActiveWin: Step-by-Step Guide to Setting up Additional Domain Controllers http://www.activewin.com/win2000/step_by_step/active_directory/doma...

ActiveWin: Win 2000 Active Network | Intro | History | Links | FAQ | Mailing List | Forums

DirectX
ActiveMac
Downloads
Forums
Interviews
News
MS Games & Hardware
Reviews
Support Center
Windows 2000
Windows Me
Windows Server 2003
Windows Vista
Windows XP

NEWS CENTERS Step-by-Step Guide to Setting up Additional Domain

Windows/Microsoft Controllers
DVD
Apple/Mac
Xbox Introduction
News Search
An Active DirectoryTM service deployment is made up of one or more forests,
ACTIVEXBOX where a forest has one or more domains. Creating the initial domain controller
Xbox News (DC) in a network creates the first domain in a forest—you cannot have a
Box Shots
Inside The Xbox
domain without at least one domain controller. The first domain created is the
Released Titles root domain of the first forest. Additional domains in the same domain forest
Announced Titles may be child domains or tree root domains. A domain immediately above
Screenshots/Videos another domain in the same domain tree is its parent.
History Of The Xbox
Links
Forum Domains are used to accomplish network management goals, such as
FAQ structuring the network, delimiting security, applying Group Policy, and
replicating information.
WINDOWS XP
Introduction Active Directory allows Windows® 2000 domain controllers function as peers,
System Requirements
and clients can make updates to Active Directory on any Windows 2000
Home Features
Pro Features domain controller in the domain. This is a change from the
Upgrade Checklists read-write/read-only roles played by Windows NT® Server Primary Domain
History Controllers (PDCs) and Backup Domain Controllers (BDCs). The Windows NT
FAQ
Server domain system supports single-master replication—all changes must be
Links
TopTechTips made on the PDC.

FAQ'S The Windows 2000 operating system supports multimaster replication: all of a
Windows Vista domain’s domain controllers can receive changes made to objects, and can
Windows 98/98 SE replicate those changes to all other domain controllers in that domain. A
Windows 2000 domain is a directory partition. By default, the first domain controller created
Windows Me
Windows Server 2002
in a forest is a global catalog server, which contains a full replica of all objects
Windows "Whistler" XP in the directory for its domain and a partial replica of all objects stored in the
Windows CE directory of every other domain in the forest.
Internet Explorer 6
Internet Explorer 5
Xbox
Replicating Active Directory data among domain controllers provides benefits
Xbox 360 for information availability, fault tolerance, load balancing, and performance.
DirectX In this step-by-step guide, you can take advantage of the greater fault
DVD's tolerance provided in the multimaster model by installing multiple domain

1 of 5 9/18/2010 7:04 PM
ActiveWin: Step-by-Step Guide to Setting up Additional Domain Controllers http://www.activewin.com/win2000/step_by_step/active_directory/doma...

TOPTECHTIPS controllers so that the Active Directory remains available even if a single
Registry Tips domain controller stops working.
Windows 95/98
Windows 2000
Internet Explorer 5 Prerequisites
Program Tips
Easter Eggs This step-by-step guide requires that you have installed Windows 2000 Server
Hardware
DVD
on two computers in your network and that you can log on as an
Administrator.
ACTIVEDVD
DVD News This guide assumes you have run the procedures in the "Step-by-Step Guide to
DVD Forum the Common Infrastructure for Windows 2000 Server Deployment, Parts One
Glossary and Two."
Tips
Articles
Reviews
The common infrastructure documents specify a particular hardware and
News Archive software configuration. If you are not using the common infrastructure, you
Links must take this into account when using the guide.
Drivers

In Part 1 of the Step-by-Step Guide to a Common Infrastructure for Windows

LATEST REVIEWS 2000 Server Deployment, you installed Windows 2000 Server on a computer
Xbox/Games
Fallout 3
and promoted the server to domain controller of the fictitious domain Reskit.
When you promoted the server to a domain controller, the Configure Your
Applications
Windows Server 2008 R2
Server wizard automatically installed Active Directory, DNS, and DHCP on that
Windows 7 server. After populating the Active Directory containers on the domain
Hardware controller (computer name HQ-RES-DC-01), you installed Windows 2000
iPod Touch 32GB Professional on a workstation in that domain using Part 2 of the Guide to a
Common Infrastructure.
LATEST INTERVIEWS
Steve Ballmer Use this document to continue setting up the common infrastructure network
Jim Allchin for Active Directory step-by-step guides. This guide will provide you with the
procedures to configure a computer running Windows 2000 Server as the first
SITE NEWS/INFO domain controller of a child domain of the parent domain Reskit, and configure
About This Site
Affiliates
an additional domain controller to function as a replication partner. This
Contact Us requires that in addition to the first DC in the network (Reskit.com), you have
Default Home Page two more computers running Windows 2000 Server that can be promoted to
Link To Us DCs. This simply entails installing Windows 2000 Server on those computers;
Links
Member Pages
use the Getting Started guide supplied with your Windows 2000 Server CD for
News Archive instructions.
Site Search
Awards See the Product Compatibility Search site to make sure that your server meets
the minimum requirements for Windows 2000 Server.
CREDITS
©1997-2010, Active
Network, Inc. All Rights Installing Static IP Addresses Back to Top
Reserved.
Please click here for full
terms of use and
Best Practice: While not strictly required, Microsoft highly recommends that
restrictions or read our domain controllers, DHCP servers, routers, and printers have static IP
Privacy Statement. addresses assigned to them for stability.

The following steps should be performed on a computer that has Windows 2000
Server installed, is connected to an existing network (in our example, the
Reskit network established in the Step-by-Step Guide to the Common
Infrastructure), and which is not the first domain controller in the network.

Install a static IP address on the first child domain DC and replication

partner DC

1. Right-click My Network Places, and click Properties.

2. In the Network and Dial-up Connection dialog box, right-click Local

2 of 5 9/18/2010 7:04 PM
ActiveWin: Step-by-Step Guide to Setting up Additional Domain Controllers http://www.activewin.com/win2000/step_by_step/active_directory/doma...

Area Connection, and then click Properties.

3. In the Local Area Connection dialog box, double-click Internet
Protocol.
4. Select Use the following IP address, and enter

IP address for first child domain DC: 10.0.4.2

IP address for replication DC: 10.10.1.3
Subnet mask: 255.255.255.0
Default gateway: 10.10.1.2

5. Select Preferred DNS server, type 10.10.1.1, and click OK.

6. In the Local Area Connection dialog box, click OK.
7. Close the Network and Dial-up Connection dialog box.

Configuring a Child Domain

Run the Configure Your Server wizard

1. Click Start, point to Programs, point to Administrative Tools, and

then click Configure Your Server. The Configure Your Server wizard
appears.
2. Select One or more servers are already running in my network, and
click OK.
3. On the next wizard page, click Active Directory in the list of services on
the left. On the Active Directory information page, scroll to Start the
Active Directory Installation Wizard, and click Start. (To make this
server a domain controller, you must install Active Directory.)

Note: Because you must have a partition formatted with NTFS to host Active
Directory, you might receive a message asking you to convert the file system
on your computer to NTFS. Click Yes. The process of converting the partition to
NTFS begins, which includes disk check, processing files on the volume, and
converting the file system. When the conversion is complete, you can return to
step 3, and click Start to start the Active Directory Installation wizard.

4. Click Next, and then click New, and then click Next again.
5. Select Create a new child domain in an existing domain tree, and
click Next.
6. In the Network Credentials box, enter the user name as
Administrator, do not enter a password, type the domain name as
Reskit, and click Next.
7. On the Child Domain Installation page, enter the parent domain as
Reskit.com and the child domain as Vancouver. Note that the complete
DNS name of the new domain is displayed now as
Vancouver.reskit.com. Click Next.
8. In the NetBIOS Domain Name box, accept the defaults and click Next.
9. On the Database and Log on Locations page, accept the defaults and
click Next.
10. On the Shared System Volume page, accept the defaults and click
Next.
11. If your testbed will contain machines running pre-Windows 2000
operating systems, select Permissions compatible with pre-Windows
2000 servers. If you plan on having a Windows 2000-only testbed,

3 of 5 9/18/2010 7:04 PM
ActiveWin: Step-by-Step Guide to Setting up Additional Domain Controllers http://www.activewin.com/win2000/step_by_step/active_directory/doma...

select Permissions compatible only with Windows 2000 servers.

Click Next.
12. When prompted to Restore Mode Administrator Password, click No
and then click Next.
13. On the Summary page, click Next, and the wizard configures Active
Directory.
14. Click Finish on the Completing Active Directory Installation page.

Before the wizard restarts Windows, the Completing the Active Directory
Installation page appears, which confirms that Active Directory is installed on
this computer and specifies that it is a domain controller assigned to the site,
"Default-First-Site." Sites, which are configured with the Active Directory Sites
and Services tool, determine how replication occurs.

Role of Sites in Active Directory Replication Back to Top

Sites enable the replication of directory data both within and among sites.
Active Directory replicates information within a site more frequently than
across sites, which means that the best-connected domain controllers receive
updates first. The domain controllers in other sites receive all changes to the
directory, but less frequently, reducing network bandwidth consumption.

A site is delimited by subnet, and is usually geographically bounded. A site is

separate in concept from Windows 2000-based domains. A site can span
multiple domains, and a domain can span multiple sites. Sites are not part of
the domain namespace. Sites control replication of your domain information
and help to determine resource proximity. For example, a workstation will
select a DC within its site with which to authenticate.

Directory information can be exchanged using the following transports: RPC

over TCP/IP and SMTP. See the “Step-by-Step Guide to Active Directory Sites
and Services” for information about configuring sites, subnets, and IP-based
replication. See the Step-By-Step Guide to Setting up ISM-SMTP Replication
for information about SMTP replication.

Configuring a Replication Partner

To take advantage of multimaster replication, you can set up another domain

controller to serve as a replication partner for the first DC of the child domain,
Vancouver.

Configure an additional domain controller as replication partner

1. Click Start, point to Programs, then to Administrative Tools, and

then click Configure Your Server.
2. On the first wizard page, select One or more servers already running
in my network, and click Next.
3. Click Active Directory in the list on the left and scroll to Start the
Active Directory Wizard, and click Start.
4. On the Active Directory Installation Wizard welcome page, click
Next.
5. On the Domain Controller Type page, select Additional domain
controller. This creates the domain controller as a replication partner.
6. On the Network Credentials page, log on as administrator, type the

4 of 5 9/18/2010 7:04 PM
ActiveWin: Step-by-Step Guide to Setting up Additional Domain Controllers http://www.activewin.com/win2000/step_by_step/active_directory/doma...

domain name Reskit, and click Next.

7. On the Additional Domain Controller page, click Next.
8. On the Database and Log Location page, accept the defaults and click
Next.
9. On the Shared System Volume page, click Next.
10. Leave the Restore Mode Administrator Password page blank, and
click Next.
11. On the Summary page, click Next. The wizard configures Active
Directory.
12. When the Completing Active Directory wizard page appears, click
Finish, and restart Windows.

Important Notes

The example company, organization, products, people, and events depicted in

this step-by-step guide is fictitious. No association with any real company,
organization, product, person, or event is intended or should be inferred.

This common infrastructure is designed for use on a private network. The

fictitious company name and DNS name used in the common infrastructure are
not registered for use on the Internet. Please do not use this name on a public
network or Internet.

The Active Directory structure for this common infrastructure is designed to

show how Windows 2000 features work and function with the Active Directory.
It was not designed as a model for configuring an Active Directory for any
organization—for such information see the Active Directory documentation.

This feature information was obtained from the Microsoft Windows 2000 website at
http://www.microsoft.com/windows2000 and are linked from ActiveWin.com for your convenience and is
subject to Microsoft's copyright. For the most accurate information please visit the official site.

5 of 5 9/18/2010 7:04 PM