2.2 Installing and Configuring Windows Server 2003 Service Pack 1
Windows Server 2003, like with all other
Microsoft applications, has periodic updates that become available for
the software. Interim updates can be downloaded and installed via the
Windows Update option on the system, or a visit to the Windows Update
website (http://update.microsoft.com) initiates the installer to check for the latest updates for Windows.
Major updates come in service packs that roll up
patches and updates into a single installation. Installing a service
pack brings a server up to date with all of the updates to the point in
time when the service pack was issued. The service packs for Windows
Server 2003 are cumulative, so the installation of Service Pack 2
includes all of the updates released prior to Service Pack 2, including
the Service Pack 1 update.
You can install a service pack update in two ways:
Windows Update— The service pack can be downloaded and automatically installed as part of the normal update process.
Download and install—
The service pack can be downloaded as a file and then the file can be
launched to install the update. This is frequently done when a system is
not connected to the Internet, or when a scheduled installation is
desired as opposed to an immediate installation after a download from
the Internet.
2.3 Installing the Service Pack
To update Windows Server 2003 with a service pack, obtain or download the service pack binaries from http://www.microsoft.com/downloads, and perform the following steps:
1. | Start the installation by either double-clicking on the downloaded file or finding the update.exe file located with the Windows Server 2003 Service Pack 1 media.
|
2. | At the welcome screen, shown in Figure 2, click Next to continue.
|
3. | Read the licensing agreement, and select I Agree if you agree with the terms. Click Next to continue.
|
4. | Accept the defaults for the Uninstall directory, and click Next to continue.
|
5. | The
service pack then begins the installation process, which takes 10 to 20
minutes to complete. Click Finish to end the service pack installation
and reboot the server.
|
2.4 Updating and Patching the Operating System
In addition to the patches that were installed
as part of the service pack, security updates and patches are constantly
being released by Microsoft. It is highly advantageous to install the
critical updates made available by Microsoft for the operating system,
particularly when it is first being built. These patches can be manually
downloaded and installed, or they can be automatically applied by using
Windows Update or Microsoft Update.
2.5 Installing the First Domain Controller for a New Domain
Installing a new domain requires the
installation of a new domain controller and Microsoft AD. After the
previous steps for installing Windows Server 2003 are complete, it is
possible to run the dcpromo command to begin installing AD. To begin the AD Installation Wizard, do the following:
1. | Choose Start, Run, type dcpromo
in the Open text box, and then click OK. This opens the Welcome to the
AD Installation Wizard screen and guides you through the installation of
a new Windows Server 2003 forest.
Note
An administrator can use the AD Installation
Wizard to install the first domain controller in the new AD forest. The
wizard can also use it to install additional domain controllers and
child domains after the first domain controller installation is
complete.
|
2. | On the Operating System Compatibility screen, read the information and then click Next.
|
3. | At
the welcome screen, click Next to begin installing the new AD domain.
Because this installation is a new domain and it is the first server in
the domain, on the Domain Controller Type page, select Domain Controller
for a New Domain. This option creates a new AD forest and configure the
first domain controller in the new domain, as illustrated in Figure 3.
|
4. | To
create the new domain in a new forest, on the Create New Domain page,
select Domain in a New Forest, and click Next to continue.
|
5. | Enter
the fully qualified DNS name of the new AD domain. This DNS name is not
the same as the existing Windows NT domain name and must be unique to
any domain names on your network. For this example, companyabc was used,
as illustrated in Figure 4. Click Next to continue.
|
6. | Enter
the NetBIOS name information, and then click Next. The NetBIOS domain
name is the name you want Windows NT 4.0 domains to use when identifying
your new AD domain. It is usually the same name as your new domain.
|
7. | Depending on your server configuration design, select the location where the AD databases will be located.
Note
When configuring AD database locations, make
sure that your server hardware configuration plan takes recoverability
and performance into account.
For best performance, install the AD
databases on a separate hard disk than the server operating system and
server page file. Use the Browse buttons to select the disks where you
want to store the AD databases.
For best recoverability, use disk fault tolerance such as RAID or disk mirroring for the AD databases.
|
8. | Use
the Browse button to select the location where the SYSVOL folder will
be installed or use the default location, and click Next. The SYSVOL
folder contains the new AD domain’s data files. This information is
replicated to all domain controllers in the domain and can be installed
only on an NTFS volume. Your server design should account for the
placement of the domain controller’s SYSVOL folder.
|
9. | On
the Install and Configure DNS page, you can determine how DNS will be
installed within the new AD domain. This page can be used to install DNS
on the server or configure the upgrade to use a different DNS server on
the network. Because this is the first domain controller in the new
forest, select Install and Configure the DNS Server on This Computer.
Choosing this option installs Microsoft DNS on the new domain controller
and modifies the server’s TCP/IP properties to use the new DNS
installation for name resolution, as illustrated in Figure 5.
When you configure AD permissions, the forest functionality must
be configured for compatibility with other Windows Server family
operating systems.
|
10. | If
the new domain installation will contain only Windows Server 2003
domain controllers, select permissions compatible with Windows 2000 or
Windows Server 2003 operating systems. This option is applicable only
when you’re adding new domain controllers to your domain. This does not
affect backward compatibility when migrating existing Windows NT 4.0
domains to AD. For this example, select Permissions Compatible Only with
Windows 2000 or Windows Server 2003 Operating Systems, and click Next
to continue.
|
11. | Assign
a password to the Directory Services Restore mode account. The
Directory Services Restore mode password is used to recover a server in
case of server failure. This password should be documented in a secure
location in case a recovery of the server is required. When you’re
configuring the password, keep in mind that each Windows
Server 2003 server with AD in the domain has its own unique Directory
Services Restore mode account. This account is not associated with the
Domain Administrator account or any other Enterprise Administrator
accounts in AD. Enter the Directory Services Restore password, and click
Next.
|
12. | Review the server configuration, and click Finish. This step completes the installation of AD.
|
Restart the domain controller by selecting
Restart Now. Log on after the server restarts and review the server’s
Event Viewer application and system logs to identify any errors or
potential problems with your installation before continuing.
