Question

Locked

Windows Server 2003: Active Directory Setup Guide Needed

By mandocia ·
Hello, I have had problems getting xp pro computers to join my Windows Server 2003 Domain. I have decided to start over, and am going to format my server and start from scratch.

My question is as follows: is there a good guide for me to use to get this going correctly? I have used internet guides found in google up to this point, and nothing works. I need a guide that works but also explains why things are set up the way they are. Keep in mind, this is my first attempt to do this, and I do not know much as of yet. Thanks.


Daminious

This conversation is currently closed to new comments.

25 total posts (Page 1 of 3)   01 | 02 | 03   Next
| Thread display: Collapse - | Expand +

All Answers

Collapse -

dude...

by mike In reply to Windows Server 2003: Acti ...

If you ignore your problems they don't go away... What kind of errors are you getting? Try to figure out what the issue is cause it really sux when you reformat, reinstall, setup, and have the same problem.

-Mike

Collapse -

oh

by mike In reply to Windows Server 2003: Acti ...

just saw your post w/ problems....

Collapse -

Reinstall

by mandocia In reply to oh

I have reinstalled once already, but the same issues I had before came up, however I did things differently. This is why I need a guide, because the ones I find online do not seem to work, I guess they assume you will know things without them telling you.

I plan to go through the install process again, but this time make sure the domain name is local, and that the NIC's tcp/ip settings point to the local DNS before I try to join a domain. If those things do not work, then I may have to consider the problem to be within my client machines themselves.

Daminious

Collapse -

shouldn't be client computers

by CG IT In reply to Reinstall

even with XP Pro SP2 the client computer should be able to reach the domain controller to join the domain.

There isn't any 1 white paper that explains everything about setting up a domain controller [running a Microsoft Active Directory domain]. The reason is that a DC has a couple of different components that comprise a DC. DNS is one of them and that subject has one whole book [and more] devoted just to DNS. Active Directory is another whole book as well as DHCP.

the best place to start is to understand DNS because Active Directory relies upon DNS to function properly. Active Directory is Directory Services. Everything in Active Directory is considered an object. Active Directory uses containers to collect objects. These containers are Organizational Units. With these containers, you can group users, computers, printers, and assign permissions to access these resources. You can control users computer environment using group policy. Group Policy is a set of policies you can apply to containers that contain users or computer accounts. you can deploy software to users via group policy.

so as you can see, Active Directory is a complicated mechanism that isn't covered under a white paper, rather is covered in a book.

Microsoft Technet is a great resource

here is a link for Technet on DNS
http://technet2.microsoft.com/windowsserver/en/technologies/featured/dns/default.mspx

This is a link for Active Directory concepts on Technet

http://technet2.microsoft.com/WindowsServer/f/?en/library/77a19ae8-bffe-42ca-a841-3d18ea62dc9b1033.mspx

Collapse -

dcpromo promote

by CG IT In reply to shouldn't be client compu ...

if your starting over, install Windows Server 2003. apply SP1 and get all the updates from the Window Update site before proceeding in creating your Domain Controller [DC]. If your creating this domain controller as a test network to learn Active Directory services, choose a Class C addressing scheme for your server NIC. A suggestion would be to use 192.168.1.1 as the server address, subnet mask 255.255.255.0. When you setup DHCP, the address pool would be 192.168.1.2 - 253 subnet mask 255.255.255.0. that gives you 252 hosts [or workstations which can get addresses]. note: you do not have to install DHCP for Active Directory to work or function nor is it a basic configuration requirement. you can install DHCP after the server becomes a DC.

once your server has basic configurations completed, you can dcpromo promote it to a domain controller.

here's a Technet link on how to create a DC on a Windows 2003 server using dcpromo promote and the Active Directory wizard.

http://technet2.microsoft.com/WindowsServer/f/?en/library/87e58caa-b7f1-4c72-9c5c-b478aa53fc361033.mspx

In choosing a domain name to use, I recommend using the .local extension rather than the public .com/net/org.

Collapse -

add workstations to a domain

by CG IT In reply to dcpromo promote

once you have your server promoted to a Domain controller you then need to join workstations to the domain.

here is a technet article on joining a domain.

http://technet2.microsoft.com/WindowsServer/f/?en/library/7207aa3e-d95d-4176-a1ca-bc629f1ca6981033.mspx

here's a small troubleshooting Technet article. Small but....

http://technet2.microsoft.com/WindowsServer/f/?en/library/2b0efdba-33e4-432d-a284-fd56a5db4c6a1033.mspx

note: you should have your domain controller connected to a switch and your workstations also connect to the switch. you can join workstations to the domain the same way you join it to a workgroup. here's a technet article on that

http://technet2.microsoft.com/WindowsServer/f/?en/library/156d7205-0032-4116-8fb6-c4fd4342ba571033.mspx

the only difference is that you would specify a domain rather than a workgroup. when you specify the domain name and click ok, you'll be prompted to provide credential to join the computer to the domain. user the administrators account user name and password.

the workstation will then try to contact the server [Active Directory] to authenticate the user name and password bu query of the DNS server. This appears to be where you had your problem. You had the loopback address 127.0.0.1 as your DNS server when in fact your DNS server's address is the domain controller address The loopback address is just an address [mechanism] for the host to send packets to itself for testing purposes. here's a webopedia on loopback address.

http://www.webopedia.com/TERM/L/loopback_address.html

I would recommend getting a book on IP addressing. TCP/IP for Dummies or TCP/IP Jump Start Internet protocol basics are good books for fundamental concepts of TCP/IP

Collapse -

DHCP

by CG IT In reply to add workstations to a dom ...

here's a technet article on DHCP

http://technet2.microsoft.com/windowsserver/en/technologies/dhcp.mspx

as you can see there's lots of reading material.

note: even when you install DHCP on the DC, it doesn't just start working. You have to must authorize the DHCP server, then activate it before it will work. see this technet paper
http://technet2.microsoft.com/WindowsServer/en/library/e24cbe2a-b9f4-412d-9a4a-1c085b2866f11033.mspx?mfr=true

note: you don't have to install DHCP. you can use a static addressing scheme. If you want to learn DHCP then by all means install it, however, you can setup your client with a static address. If your server is IP address 192.168.1.1 mask 255.255.255.0, then you can assign the client an address in the same subnet such as 192.168.1.3 mask 255.255.255.0 dns server would be the DC [as when you installed Active Directory using dcpromo promote, the Active Directory wizard will automaticall install DNS [AD needs DNS to function] so, the client computer needs the DC server [which is also the DNS server]address [192.168.1.1 mask 255.255.255.0]

So that's the quick and dirty, in a nutshell, creating an Active Directory Domain [creating a Doman Controller with DNs and Active Directory running on it].

For security best practices, there are also articles on Technet.

Collapse -

Same error as before

by mandocia In reply to add workstations to a dom ...

Ok, I have reinstalled Windows Server 2003. I installed the correct drivers, and updated in windows update.

I set my server's IP Address to 192.168.1.4, because my router is 192.168.1.3, and I felt that was a good area to begin. Also, my router is a DHCP server that assigns address from .100 to .199.

Both clients are connected to the router, as well as the server.

I installed Active Directory and choose daminious.local as my domain name. I had the program install the DNS server automatically.

Once done, I rebooted and set my server's NIC's DNS to 192.168.1.4. I went to my client PC and added in the DNS of 192.168.1.4.

I went to connect to a domain and then I got a request for a username and password. I put in Administrator, then the password. The following is the result:

"The following error occured attempting to join the domain "daminious.local"

The format of the specified network name is invalid"

I also changed my client's name and made it less then 8 characters, no spaces, which is MDPBook. Same result.

Thus, I am having the same error as always. I must be doing something wrong someplace.

Daminious

Collapse -

whats the error code #

by CG IT In reply to Same error as before

should give you an error # like 1212 or 1616.

Collapse -

Error Code Not Given

by mandocia In reply to oh

There was no error code given, a popup window titled Computer Name changes appears, and says:

"The following error occurred attempting to join the domain "daminious.local":

The format of the specific network name is invalid.

Daminious

Back to Networks Forum
25 total posts (Page 1 of 3)   01 | 02 | 03   Next

Hardware Forums