Run Windows Server 2008 R2

In this series we will show you how to create a Lab Domain Controller in Windows Server 2008 R2.

We will start with the first computer installation in the experimental network. This will be a Windows Server 2008 R2 computer that uses a virtual processor and 512 MB of virtual RAM. During the installation process, we will use a bridged network connection on a virtual NIC. Some people can use NAT and that is also quite good. The problem here is that you want to connect an active network to be able to access updates during the initial installation. After the initial installation is complete, we will move this virtual machine to another virtual network for the reason that it is placed behind the virtual TMG firewall. The TMG firewall VM will have an active network connection and all VMs will be placed behind it.

In VMware Workstation 6.5, we will create a new virtual machine (VM) and write the Windows Server 2008 R2 .iso file to the CD so that the computer boots from that .iso file. When the computer is first launched, you will see the first page of the installation wizard asking for the installation language, time, format and keyboard or input method.
Click Next after selecting your options.

Then the installer will give you the option to Install now . Please click this option to install.

The .iso file has all versions of Windows Server 2008 R2 and we can choose which version we want to install here. Note that you can also install Server Core versions from here. However, in this tutorial, I chose Windows Server 2008 R2 Enterprise (Full Installation) and clicked Next .

Check the I accept the license terms check box in the registration agreement page and click Next .

With the question Which type of installation do you want? You can choose which option you like. However, for the installation to be bright and easy to understand, click the Custom (advanced) option. Note that there is no 'Next' option on this page, but you will quickly switch to the next page when you're done with your selected action.

Here you will have to decide where you want to install the system files. In the example, we created a 24 GB dynamic virtual disk file for the operating system. Remember, dynamic disk files use only the space they need - not all the space until it is needed.

Click Next .

Figure 6

Now the installation process will begin - it will take a long time. Please estimate about an hour or two and come back to see what happens to your settings.

During the initial login process, the installer will ask you to create a password. Click OK when you see the screen shown below.

Enter the password, confirm the password and do not click OK (because there is no OK to click here). Instead, click the arrow icon next to the confirmation password entry box.

Now the password has been changed. Click OK .

You can remember the Initial Configuration Tasks window if you used Windows Server 2008. If you have never used Windows Server 2008 and switched from Windows Server 2003, the Initial Configuration Tasks window will give you access to many things. that you need to do when the operating system software is installed. After looking at some of the options in this window, you can see that many of the options that you have configured during the installation process for earlier versions of Windows are also configured here. The goal is to create fewer inputs during the installation process and perform them at the end of the delivery. This is an interesting way.

From the Initial Configuration Tasks window, set the components below:

We will need to consider some other issues when providing this computer with an IP address on the network. Set the hostname to FFWIN2008R2DC, and information about the IP address is:

The default port will be TMG 2010 firewall - this is the port that we will install later in this series.

Upgrade Windows Server 2008 R2 virtual machine to Domain Controller

The next step is to make this computer a domain controller. If you are from the Windows Server 2003 world, you will see that this step is very different. You will still need to run dcpromo from the Run command prompt , but you need to install the Active Directory Domain Controller role. Server roles are a new concept in Windows Server 2008 - where server services are considered 'roles'. The Active Directory Domain Controller role is a bit different because it is a two-step process for installing Active Directory DC: first install the role, then run dcpromo .

Go to Server Manager and click the Roles button in the left panel of the console. Then click on the Add Roles link in the right pane.

That will make the Before You Begin page appear. If this is the first time you install a role using Server Manager, read the information on this page. If you are already familiar with Server Manager, then click Next to continue.

Here you select what Server Roles you want to install. We will install other Server Roles later, but we want to install the DC role first. Select Active Directory Domain Services by placing a checkmark in the checkbox. Note that the wizard will show you the number of features that will be installed along with the Active Directory Server Role. Click the Add Required Features button to install these additional features with the Active Directory Server Role.

After selecting the Active Directory DC Server Role, you will see information about Server Role. Some things to note here are:

Figure 15

Click Install to install the required files to run dcpromo .

Installation was successful. Click Close .

Now go to the Start menu, type dcpromo into the search box. You will find it in the list as shown in the figure below. Click dcpromo .

Figure 18

This will launch Welcome to the Active Directory Domain Service Installation Wizard . We don't need advanced options in this scenario, so just click Next .

On the Operating System Compatibility page, you will be warned that NT and non-Microsoft SMB clients will experience problems with some cryptographic algorithms used by Windows Server 2008 R2. We don't have this problem in the test network, so click Next .

On the Choose a Deployment Configuration page, select the option Create a new domain in a new forest. We do so because this is a new domain within a new forest.

In the Name the Forest Root Domain page , enter the domain name in the FQDN input box of the forest room domain . In this example we will name the domain fflab.net . However, you can put any name of your choice. Click Next.

Figure 22

On the Set Forest Functional Level page , select the Windows Server 2008 R2 option (not the option you see in the picture below). Here we want to select the option so that we can take advantage of all the exciting new features included with Windows Server 2008 R2. Click Next .

On the Additional Domain Controller Options page , we have only one option: DNS server . The Global catalog option is defaulted because this is just a DC in this domain, so it must be a Global Catalog server. The Read-only domain controller (RODC) option is unchecked because you must have another non-RODC in the network to enable this option. Select the DNS server option and click Next .

A dialog box will appear saying that you cannot create delegates for this DNS server because it cannot find the authentication area or it does not run Windows DNS server. The reason for this is because this is the first DC on the network. You should not worry about this and just click Yes to continue.

Leave the Database, Log Files and SYSVOL folders in their default locations and click Next .

In the Directory Service Restore Mode Administrator Password , enter a strong password in the Password and Confirm password input boxes .

Figure 27

Confirm the information on the Summary page and click Next .

Active Directory will install. The first DC will install quite quickly. Put a checkmark in the Reboot on completion check box so that the computer will automatically restart when the DC installation is complete.

The computer will restart automatically because we have selected that option. Installation will complete when you log in. With Windows Server 2008 you will see some configurations that occur when you are logged in, but this does not happen with Windows Server 2008 R2.

DNS service is installed during Active Directory installation, so we don't need to worry about it. There are several other services that we should install on this domain:

However, only DHCP and Certificate Services are considered 'roles' and WINS is considered a feature.

ncG1vNJzZmismaXArq3KnmWcp51kv7a6jLCgp5yfrMBuv8SrrZ6qXWd9cYSMq2lmoZ6owaK4y2aYp5xdmL%2BmrdOeZJplnJavbrDOppiipl2YvK%2FA0aijpZ2iYr2ivtNmaA%3D%3D