This chapter includes the following sections:
Install the Operating System:
Install Windows Server 2008 (any Windows server except Web).
When the installation is complete, leave the installation disc in the drive, you will need it to complete the installation of ADS.
Set the Computer's Name and Suffix.
Open the "System Properties" dialog box. Click Start, then right-click the computer icon.
In the "System" window select Advanced system settings (Figure 17-1).
Select the Computer Name tab (Figure 17-2), click Change.
Figure 17-2 System Properties Dialog Box
In the pop-up window that appears (Figure 17-3), fill in the following fields:
Computer name: Enter the name you wish to designated for your computer. (Make a record of this name).
Member of: Select the Workgroup radio button, then enter a unique workgroup name. (Make a record of this name).
Figure 17-3 Computer Name/Domain Changes Dialog Box
Click More...
In the "DNS Suffix and NetBIOS Computer Name" dialog box (Figure 17-4), do the following:
Primary DNS suffix of this computer: Enter the DNS suffix of your computer (Make a record of this suffix).
Change primary DNS suffix when domain membership changes: If check box is selected, deselect it.
Figure 17-4 DNS Suffix and NetBIOS Computer Name Dialog Box
Click OK to close the dialog box.
In the "Computer Name/Domain Changes" dialog box, click OK.
In the "System Properties" window click Close.
In the reboot dialog box (Figure 17-5) click Restart Later.
Figure 17-5 Microsoft Windows Dialog Box
To configure the network settings:
Open "Network Properties."
Select Start > Control Panel.
Click the Network and Sharing Center icon.
Select the Network Connection (Figure 17-6) to edit (if you have more than one see ipconfig
result, make sure to select the correct one).
Select View Status, located next to the network connection you have selected.
Click Properties (Figure 17-7).
Select Internet Protocol Version 4 (TCP/Iv4) (Figure 17-8).
Figure 17-8 Internet Protocol Version 4 (TCP/Iv4)
Set the IP address to an unused, static IP address.
Set the preferred DNS server to your computer's IP address.
Click Advanced:
Select the check box Append primary and connection-specific DNS suffixes (Figure 17-9).
Select the check box Append parent suffixes of the primary DNS suffix (Figure 17-9).
Click on until you have exited the properties pane, then click Close.
Restart the computer.
Select Start > Server Manger.
In the "Roles" section (Figure 17-10) click Add Roles.
In the "Add Roles Wizard" (Figure 17-11) click Next.
Figure 17-11 Add Roles Wizard - Before You Begin
Select Active Directory Domain Services (Figure 17-12) and click Next.
Figure 17-12 Add Roles Wizard - Select Server Roles
Review the list of additional services to be installed along with Active Directory (Figure 17-13) and click Next.
Figure 17-13 Add Roles Wizard - Active Directory Domain Services
Click Install to begin installation of "Active Directory 2008" (Figure 17-14).
Figure 17-14 Add Roles Wizard - Confirm Installation Selections
Allow the installation to complete (Figure 17-15).
Figure 17-15 Add Roles Wizard - Installation Progress
Review the results of the "Add Roles Wizard" page (Figure 17-16). Click: Close this wizard and launch the Active Directory Domain Services Installation Wizard (dcpromo.exe).
Figure 17-16 Add Roles Wizard - Installation Results
In the welcome screen (Figure 17-17) click Next.
Figure 17-17 Active Directory Domain Services Installation Wizard - Welcome
In the "Operating System Compitibility" screen (Figure 17-18) click Next.
Figure 17-18 Operating System Compatibility
In the "Choose a Deployment Configuration" screen (Figure 17-19) select Create a new Domain in a forest, then click Next.
Figure 17-19 Choose a Deployment Configuration
Name the "Forest Root Domain" (Figure 17-20):
Enter the name of the new forest, which is the DNS root domain that you created previously. Click Next.
Figure 17-20 Name the Forest Root Domain
Allow the check dialog to complete (Figure 17-21).
In the "Set Forest Functional Level" screen (Figure 17-22), select Windows Server 2008, then click Next.
Figure 17-22 Set Forest Functional Level
In the "Additional Domain Controller Options" screen (Figure 17-23), ensure that DNS Server is selected, then click Next.
Figure 17-23 Additional Domain Controller Options
If you have a DHCP based adapter you will see the following pop-up message (Figure 17-24):
Select No, I will assign static IP addresses to all physical adapters to continue with the installation. After the installation completes you can change any DHCP adapter back.
If the DNS zone you are creating does not have an authoritative parent zone, the following pop-up message may be displayed (Figure 17-25):
Figure 17-25 Active Directory Domain Services Installation Wizard
Select Yes to continue with the installation.
In the "Location for Database, Log Files, and SYSVOL" screen (Figure 17-26) select the default in the Database folder field or change it as required by your system, then click Next.
Figure 17-26 Location for Database, Log Files, and SYSVOL
In the "Directory Services Restore Mode Administrator Password" screen (Figure 17-27), enter a password and make a record of it.
Figure 17-27 Directory Services Restore Mode Administrator Password
In the "Summary" screen (Figure 17-28):
Review your settings.
Export your settings.
Click Next.
Wait for the installation to complete (Figure 17-29).
Figure 17-29 Waiting for DNS Installation to Finish
In the Active Directory Domain Services Installation Wizard (Figure 17-30), click Finish to complete the installation.
Figure 17-30 Completing the Active Directory Domain Services Installation Wizard
Reboot the System.
Select Start > Run.
Enter gpmc.msc
in the available field.
Click OK (Figure 17-31).
"Group Policy Management" opens (Figure 17-32).
Expand the tree Domains > <your domain name>
, then select Default Domain Policy, located in the left panel of the "Group Policy Management" screen (Figure 17-33).
Select the Settings tab (Figure 17-34).
Figure 17-34 Group Policy Management - Settings Tab
Expand Security > Account Policy/Password Policy section (Figure 17-35), by clicking show.
Figure 17-35 Security > Account Policy/Password Policy
Review the "Policy" list. The option Password must meet complexity requirements is set to true by default. Change this option to Disabled (default WebCenter Sites passwords do not meet these requirements).
Select Start > Run.
Enter: gpmc.msc
in the field provided.
Click OK (Figure 17-36).
In the "Group Policy Management" screen, expand the tree Domains > name of your domain. Select the Default Domain Policy, located on the right of the screen (Figure 17-37), then select edit.
The "Group Policy Management Editor" window opens (Figure 17-38).
Figure 17-38 Group Policy Management Editor
In the left hand tree expand: Computer Configuration > Policies > Windows Settings > Security Settings > Account Settings > Password Policy (Figure 17-39).
Right-click Password must meet complexity requirements, located on the right side of the screen, then select Properties.
In the "Password must meet complexity requirements Properties" dialog box (Figure 17-40) select the radio button Disabled, then click OK.
Figure 17-40 Password Must Meet Complexity Requirements Properties Dialog Box
Close the "Group Policy Management Editor" and "Group Policy Management" windows.
The domain will no longer check for password complexity. WebCenter Sites default passwords can now be used.
When WebCenter Sites is installed you can reverse step 2 by clicking Enabled to re-engage the security settings.
This section shows you how to connect to Active Directory Server using an LDAP browser.
Note:
You cannot add groups, set passwords, or activate accounts using an LDAP browser.Open the LDAP browser.
Select the Quick Connect tab.
Fill out the following information (Figure 17-41):
Host: localhost
(if connecting remotely, enter the actual host name)
Base DN: <DNS_suffix>
(the part of the DNS name after the host name)
Anonymous bind: deselect
User DN: administrator@<DNS_suffix>
Append base DN: deselect
Password: <ADS_password>
(you created this password in step 9)
Click Connect.
Show the default view on the LDAP tree (Figure 17-42).