3. Creating a Domain Tree
If you don't promote any other
domain controllers, then that domain controller simply controls that
one domain and only one tree is created. To create a new domain tree,
you need to promote a Windows Server 2008 computer to a domain
controller. In the Active Directory Installation Wizard, you select the
option that makes this domain controller the first machine in a new
domain that is a child of an existing domain. As a result, you will
have a domain tree that contains two domains—a parent and a child.
Before you can create a new child domain, you need the following information:
The name of the parent domain
The name of the child domain (the one you are planning to install)
The filesystem locations for the Active Directory database, logs, and shared system volume
DNS configuration information
The NetBIOS name for the new server
A domain administrator username and password
Exercise 1 walks you through the process of creating a new child domain using the Active Directory Installation Wizard. This exercise assumes that you have already created the parent domain and that you are using a server in the domain that is not a domain controller.
Log on to the computer as a member of the Administrators group and open the Active Directory Installation Wizard by clicking Start => Run and typing dcpromo. After the message about installing the binaries appears, click Next to begin the wizard.
The Choose A Deployment Configuration screen appears. Click Existing Forest and then click Create A New Domain In An Existing Forest. Click Next.
A warning box may appear stating that the local administrator account becomes the domain administrator account for the new domain. If it appears, click Yes to continue.
On the Network Credentials page. Then click the Set button. In the new Windows Security dialog box that appears, enter the username and password for the domain administrator of the domain you wish to join.
Click the OK button on the Alternate Credentials screen. A warning may appear stating that the current user credentials cannot be selected because they are local to this computer. The warning appears because our local account is the same as our domain administrator's account. This warning will not affect the exercise. Click Next.
If the information you entered was correct, you will see the Name The New Domain page. Here, you will be able to confirm the name of the parent domain and then enter the domain name for the child domain. Enter the new child domain name (in the following example, we used NH for the state of New Hampshire). Click Next to continue.
If the Select A Site screen appears, choose any site and click Next. (You may not have any sites created on your other domain. This server will then be added to the DefaultFirstSite.)
On the Additional Domain Controller Options page, uncheck any options and click Next.
A warning box appears stating that you have chosen not to install DNS; just click Yes.
On the Location for Database, Log Files, and SYSVOL page, you'll need to specify the database and log locations. These settings specify where the Active Directory database resides on the local machine. As mentioned previously, it is good practice to place the log files on a separate physical hard disk because this increases performance. Enter the path for a local directory (you can also leave the defaults for these exercises), and click Next.
In order to be able to recover this server in the event of a loss of Active Directory information, you will need to provide a password on the Directory Services Restore Mode Administrator Password page. This password will allow you to use the built-in recovery features of Windows Server 2008 in the event that the Active Directory database is lost or corrupted. Enter P@ssw0rd, confirm it, and then click Next.
On the Summary page, you will be given a brief listing of all the choices you made in the previous steps. It's a good idea to copy this information and paste it into a text document for future reference. Click Next to continue.
On the Completing the Active Directory Domain Services Installation Wizard page, click Finish.
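
The following is an added example, not part of the original text: it checks the prerequisite information listed before Exercise 1 and writes the same choices as a dcpromo unattended-installation answer file, keeping both passwords out of the file. The parent domain example.local, the paths, the weak-password list, and the helper names check and answer_file are assumptions made for illustration; only the child name NH and the lab password come from the exercise.

```python
import re

# Constructed sample input. Only the child name "NH" and the lab DSRM password
# come from the exercise; the parent domain and paths are assumptions.
SAMPLE = {
    "parent": "example.local", "child": "NH", "netbios": "NH",
    "db": r"C:\Windows\NTDS", "log": r"D:\NTDS\Logs",
    "sysvol": r"C:\Windows\SYSVOL", "admin": "Administrator",
    "dsrm": "P@ssw0rd",
}

LABEL = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")
NETBIOS_BAD = set('\\/:*?"<>|. ')
KNOWN_WEAK = {"p@ssw0rd", "password", "passw0rd", "password1"}  # illustrative list

def check(cfg):
    """Return a list of problems found in the prerequisite information."""
    problems = []
    if not LABEL.match(cfg["child"]):
        problems.append("child name is not a single valid DNS label")
    if not all(LABEL.match(part) for part in cfg["parent"].split(".")):
        problems.append("parent domain is not a valid DNS name")
    if not 1 <= len(cfg["netbios"]) <= 15 or NETBIOS_BAD & set(cfg["netbios"]):
        problems.append("NetBIOS name must be 1-15 characters, no reserved symbols")
    # Drive letters only approximate "separate physical disk".
    if cfg["db"][:2].upper() == cfg["log"][:2].upper():
        problems.append("database and log files are on the same drive letter")
    if cfg["dsrm"].lower() in KNOWN_WEAK:
        problems.append("DSRM password is a well-known lab value")
    return problems

def answer_file(cfg):
    """Render a dcpromo answer file for a new child domain without secrets."""
    rows = [
        ("ReplicaOrNewDomain", "Domain"), ("NewDomain", "Child"),
        ("ParentDomainDNSName", cfg["parent"]), ("ChildName", cfg["child"]),
        ("DomainNetBiosName", cfg["netbios"]), ("InstallDNS", "No"),
        ("UserName", cfg["admin"]), ("UserDomain", cfg["parent"]),
        ("Password", "*"),  # "*" tells dcpromo to prompt for the password
        ("DatabasePath", cfg["db"]), ("LogPath", cfg["log"]),
        ("SYSVOLPath", cfg["sysvol"]),
        # Placeholder: fill in at run time so the DSRM password is never stored.
        ("SafeModeAdminPassword", "<DSRM-PASSWORD-PLACEHOLDER>"),
        ("RebootOnCompletion", "Yes"),
    ]
    return "[DCInstall]\n" + "\n".join(f"{k}={v}" for k, v in rows) + "\n"

if __name__ == "__main__":
    print("\n".join(check(SAMPLE)) or "no problems found")
    print(answer_file(SAMPLE))
```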