Sunday, 27 April 2014

Installing DHCP Server


One of the most indispensable service inside a network is DHCP. Network information like IP Address, subnet mask, Default gateway, DNS address etc. are supplied via DHCP server.

A DHCP Server helps an administrator to maintain and manage the network or network segments in a better way.

I would be covering the steps involved in promoting a basic DHCP Server with Windows Server 2012.

Launch Server Manager and click Add Roles and Features.

The Add Roles and Features Wizard will be launched. Click Next


Here you will see the Server name and IP Address. I am promoting the DC as DHCP Server.
You can choose the desired server from the Server pool. Click Next to proceed.

Under the Server Roles section, choose DHCP Server and click Next.

Under Features section, you don't have to choose any feature but can proceed by clicking Next.

You got literally nothing to do with this window. This is just a brief up of what a DHCP Server does and the things to note before promoting a server as DHCP Server.


On proceeding, you will see the confirmation page. Click Install to start the Role installation. You can choose the option Restart the destination server automatically if required but a reboot is not need for DHCP Installation.

You can view the installation status as it progresses.


Once the installation is complete, you shall see the comment Installation succeeded on the respective server. But as it says, Configuration is required.

Launch Server Manager and you will see the notifications.


Click Complete DHCP configuration and a new wizard will popup.
Click Next to proceed.

The next option would be the Authorization window. In a domain environment, for a DHCP Server to issue IP address and other configurations, it should be authorized. In earlier days, authorization was done through the DHCP console.

You can specify the user credentials to use to authorize the Server. It can be the domain admin account or any other user account with the required privilege. You can even skip the authorization and authorize the server later on. However, I am authorizing the Server and proceeding.

Next is the Summary page

Click Close to finish

Now launch the DHCP Server console via the command dhcpmgmt.msc or through the new Metro UI Icon.

The DHCP Console will open up.

The next step is to configure the DHCP Scope.

To know more about a DHCP Scope, you may refer this link http://technet.microsoft.com/en-us/library/cc726954(v=ws.10).aspx

To configure a scope, right click IPv4. As you can see we can configure the DHCP server for both IPv4 and IPv6. Click New Scope to launch the scope creation wizard.

Click Next

Now assign a Scope name. It can anything which helps an administrator to identify the scope. If you are configuring different subnets for different VLANs, you can give the VLAN name or VLAN number to easily identify the scope. Click Next to proceed.

Next is the IP address range and Subnet configuration.

You have to specify the start address, end address and the length of the subnet mask.
Click Next to proceed.

Next is the IP exclusion and delay configuration. You can exclude a single IP address or a range of IP address from the assigned range. The excluded IP address won't be issued by the DHCP server. In addition to exclusion, you can configure a subnet delay. By configuring a delay, you are actually controlling the transmission of DCHPOFFER message in the DORA Process.

To know more about the working of DHCP, you shall refer the link below.

http://technet.microsoft.com/en-us/library/cc780760(v=ws.10).aspx

To exclude IP address, type in the start and end IP address and click Add.
I had excluded three IP address from the pool

Now comes the Lease Duration option. By default the lease would be for 8 days.
The lease duration should be decided based on the networking devices you have. The lease specifies the time period for an IP address to stay in a client. The server will allocate an IP address to a client with a time period. In this case if I set the duration to 8 days, a client will contact the Server only after 8 days for an IP renewal. From a server perspective, an IP address will show as allocated for 8 days from the time of allocation. 

Click Next

We have finished configuring the basic options for a DHCP Server. A DHCP server is not just for dynamically assigning IP address but can assign Default Gateway (Router address), DNS Server details, WINS Server if any and may more. This can be done via configuring the advance options. You have the choice to configure it along with the scope or can be configured later on.

Choose Yes, I want to configure these options now and click Next

The next windows would be to specify the Default Gateway address.
Type in the IP address and click Add.


Click Next to proceed.

The next option is to configure the DNS Server name. If you are installing the DHCP Server on a domain infrastructure, you will see the name of your domain and the DNS server address under parent domain name and IP address. However, you can add more server names if you have or if you wish to.

Click Next to proceed.

Next comes the WINS Server option. Specify the name of the WINS Server if you have one running inside your network.This is not a mandatory option. You can just click Next to proceed.

Next would the final option in the scope creation process. Scope Activation.
The configured scope should be Active in order to issue IP address. You can activate and deactivate a scope when required.

Choose Yes, I want to activate this scope now and click Next.

Click Finish to complete the scope creation wizard.

The installation is now complete.

Under the DHCP Console, you will see the configured scope.

To view the address range and excluded IP address, expand Scope and click Address Pool

To view the summary of scope, right click scope and choose Display Statistics

You will see the details as follows.


Posted by at No comments:
Labels:

Saturday, 26 April 2014

Installing Active Directory


Active Directory is the directory service designed and implemented by Microsoft. Active Directory, widely known as AD, made its debut with Windows Server 2000. From the time of its introduction, companies and administrators are using it for some good reasons.

Active Directory provided the functionality of Identity and Access (IDA) solution. Active Directory stores information about Users, Groups, Computers, and other plenty of objects. In a nutshell, AD provides three major services. Authentication, Access Control and Auditing.Domain Controller is the server that is installed with the Active Directory Domain Service. Explained below the step by step process of installing Active Directory on a Windows Server 2012.

What is special with Windows Server 2012 when it comes to AD installation? AD was installed via the command dcpromo from the time it was available and we used this command even on Windows Server 2008 R2. On Windows Server 2012, you won’t be ableto use dcpromo to install Active Directory. What if I give the dcpromo command at Run? I was curious like you and did typed the command at Run. Here is what you will see if you try so.


In order to install Active Directory, you have to use Server Manager. If you have used Windows Server 2008, you must be familiar with Server Manager but there are considerable changes made to the Server Manager that you see in Windows Server 2012.

Launch Server Manager by click the Server Manager Icon on the taskbar or from the Start.









The Server Manager will popup. Active Directory Domain Services can be installed by adding the respective role. To add a new role, Click Add roles and features

Add roles and features can be accessed by clicking Manage. A drop down menu will appear and you can click Add Roles and Features.

The Add Roles and Features wizard will come up 

Click Next

You will be provided with two installation types. Role-based or feature-based installation and Remote Desktop Services installation. For installing Active Directory Directory Services, choose Role-based or feature-based installation and click next.

Now choose the server listed under the Server Pool. You will see the server name and the IP address. Click Next to proceed.



Under Server Roles you will see several available roles to install. Choose Active Directory Domain Services.

On choosing the role, the required features wizard will come up. Click Add Features and proceed.


Several other features like Group policy management will also be installed along with the ADDS. Do remember, we can add/remove roles and features as and when needed. You can proceed with the default selection. Click Next.


Next is the AD DS description page where it briefly explains about Active Directory Domain Services. 


Click Next

The confirmation page will be displayed where it shows all the roles and features selected.

You can see an option to Restart the destination Server automatically if required. By choosing this option you are actually agreeing to reboot the server if needed after the installation of roles. In the case of AD DS installation, a reboot is not needed soon after the role and feature installation.

Click Install to proceed. But if you have a second thought and decide to add some more feature, you can go back to previous options by clicking the Previous button.


After a few moments you should see the Installation succeeded message. However, there are instances where I met with Installation failed messages. But that's a different story.

Click Close to finish.

You may think the installation of Active Directory has been completed. Not really, but we are half the way. We just installed the Roles and Features for Active Directory Domain Services. We now need to configure it. The next few steps mentions about the configuration part.

Once you finish the role installation, launch the Server Manager. If you look closely you shall see notifications on the top right hand side.


Click on the Notifications and the details will appear as drop down.

You will see the option Promote this server to a domain controller

Click on it and the Active Directory Domain Services Configuration Wizard will popup.

We cannot install a domain as it is but have to install a new forest and a new tree. I suppose you know why. So if you want to install a new domain, you have to choose Add a new forest. But if you are about to install an additional Domain Controller, you have to choose Add a domain controller to an existing domain and if you are installing a new domain tree to an existing forest, you can choose Add a new domain to an existing forest.

In our case we have to choose Add a new forest and you will see the below screen.

Type the desired root domain name and click Next

Here are some good articles for choosing the domain name

http://social.technet.microsoft.com/wiki/contents/articles/17974.active-directory-domain-naming-considerations.aspx

http://support.microsoft.com/kb/909264

http://technet.microsoft.com/en-us/library/cc738121(v=ws.10).aspx

I am using the name testlab.com

On clicking next, you will see the Domain Controller Options where you have to input the DSRM password, Forest and Domain functional level.

If DNS is not installed or configured prior to Domain installation, you can choose the option Domain Name System (DNS) server. This will install the DNS server service which is mandatory for a domain's working.


You must know that the Forest and Domain functional level can be changed to lower levels if required. 

Input the DSRM password which should be a complex one and click Next

As I have mentioned earlier DNS is a vital component for the domain and the next option is for DNS. You will see an error message which reads like A delegation for this DNS Server cannot be created because the authoritative parent zone cannot be found. Don't panic, this is perfectly fine.

http://blogs.technet.com/b/activedirectoryua/archive/2011/07/07/a-delegation-for-this-dns-server-cannot-be-created-because-the-authoritative-parent-zone-cannot-be-found-or-it-does-not-run-windows-dns-server.aspx



Click Next to proceed.

Under Additional Options, you will see the NetBIOS name for your domain. You know the merits and de-merits of NetBIOS. If you don't, just hit some search engine and you will be flooded with articles on NetBIOS. 

Moving forward the next window would be the Database, Logs and SYSVOL folder location. By default it would be pointing to C:\Windows\NTDS and C:\Windows\SYSVOL. All these folder play a very vital role and should be placed wisely. If you are not so familiar with these, you can proceed with the default options. 


Next would be the review page where we can see the consolidated report of all the chosen options. Yes, you have the freedom to go back and change the settings if you wish to.

If everything is fine from your end, click Next

The wizard will now run the Prerequisites check where it will check whether the server and the settings are really up to the mark for Active Directory installation. You may be facing prerequisite check error. Go through the results and you have to rerun the check until you see All prerequisite checks passed successfully.

Click Install to start the Active Directory installation.

The installation will progress and in a few moments the AD installation will be completed.



Once the installation is finished, your machine will reboot.

You can access Active Directory User and Computers through the old dsa.msc command at Run or through the new metro UI Icon.



Voila ! Active Directory Domain Service installation is now complete.


Posted by at No comments:
Labels:
Subscribe to: Comments (Atom)