ติดตั้ง Active Directory บน Windows Server 2016.
บันทึก: Before installing the AD role, you must install the DNS role. (DNS – required component for AD)
Install Active Directory Domain Services with Graphical Interface (กุย)
1. Start your Server and start the ผู้จัดการเซิร์ฟเวอร์ คอนโซล (by default starts after user login);
2. Click Manage (upper menu) แล้วคลิก เพิ่มบทบาทและคุณสมบัติ;
3. คลิก ต่อไป ปุ่ม;
4. เลือก การติดตั้งตามบทบาทหรือตามคุณลักษณะ แล้วคลิก ต่อไป ปุ่ม;
5. เลือกเซิร์ฟเวอร์เป้าหมายของคุณ (in my case it’s only one) และคลิก ต่อไป ปุ่ม;
6. ตั้งค่าเครื่องหมายถูก บริการโดเมน Active Directory (เพิ่ม);
7. ในหน้าต่างป๊อปอัปให้คลิก เพิ่มคุณสมบัติ ปุ่ม (added some AD management tools);
8. คลิก ต่อไป ปุ่ม;
9. For now we don’t need any คุณสมบัติ, so click ต่อไป;
10. Read the short text about AD and click the ต่อไป ปุ่ม;
11. You may set a check mark Restart the destination server automatically if required (by default not required). คลิก ติดตั้ง ปุ่ม;
12. After installation is complete click the ปิด ปุ่ม;
13. After role installation is complete you will see a yellow triangle in the upper menu. Click on it to show the next list, คลิก Promote this server to a domain controller (to make this device Domain Controller, aka DC);
14. เลือก เพิ่มป่าใหม่ (in my case this is a new DC and new forest), and enter the Root domain name (this is our future domain). คลิก ต่อไป ปุ่ม;
15. Select your:
- Forest functional level;
- Domain functional level;
Type the DSRM password (make it strong, needed for future restore if it fell) แล้วคลิก ต่อไป ปุ่ม;
16. If you have parent DNS click Show more;
17. Read the short text about DNS delegation and click the OK button.If needed- create a DNS delegation. If you don’t need to Create DNS delegation (ตัวอย่างเช่น) – click ต่อไป ปุ่ม;
18. เข้า The NetBIOS domain name of your domain and click ต่อไป ปุ่ม;
19. If need – specify the location of AD DS objects, และคลิก ต่อไป ปุ่ม;
20. Read the summary information, and if all is OK click ต่อไป ปุ่ม;
21. After checking pre-requirements click ติดตั้ง;
22. Installation began;
23. After installation is complete you get a pop-up about Signing out and the system restarting. You may click the ปิด button or wait to restart;
24. System restart;
25. After restarting you will see, that you are able to log in as Domain Administrator;
26. After login to the system, when the Server Manager console shows up you will see the installed role AD DS;
Install Active Directory Domain Services with Windows Powershell
The first thing you will need to do is open Windows PowerShell. Once you have logged into the system and are faced with the command line, simply type พาวเวอร์เชลล์ (in Windows Core). For the desktop interface run พาวเวอร์เชลล์ (ผู้ดูแลระบบ).
1. Execute:
Get-WindowsFeature
2. Once the command has been completed successfully, you will be presented with all the uninstalled, but available, modules.
3. Once we have figured out the service name and the module name, we now have to go ahead and install it.
Install-WindowsFeature AD-Domain-Services
This command will extract all required binary files and start the installation procedure.
4. Let’s create a new forest.
Import-Module ADDSDeployment
บันทึก: If the command is completed successfully then you will be faced with a blank prompt.
5. ตอนนี้, you will need need to promote your server to a domain controller as per your requirements – there are several commands that you can use to do this.
สั่งการ | คำอธิบาย |
Add-ADDSReadOnlyDomainControllerAccount | Install a read-only domain controller |
Install-ADDSDomain | Install the first domain controller in a child or tree domain |
Install-ADDSDomainController | Install an additional domain controller in a domain |
Install-ADDSForest | Install the first domain controller in the new forest |
Test-ADDSDomainControllerInstallation | Verify prerequisites to install an additional domain controller in a domain |
Test-ADDSDomainControllerUninstallation | Uninstall AD services from the server |
Test-ADDSDomainInstallation | Verify prerequisites to install the first domain controller in a child or tree domain |
Test-ADDSForestInstallation | Install the first domain controller in the new forest |
Test-ADDSReadOnlyDomainControllAccountCreation | Verify prerequisites to install a read-only domain controller |
Uninstall-ADDSDomainController | Uninstall the domain controller from the server |
To install the Active Directory with the default configuration, execute the following command:
Install-ADDSForest
This will install the basic features and functions, อย่างไรก็ตาม, if you want to install a customized setup:
Install-ADDSForest
-CreateDnsDelegation:$false
-DatabasePath “C:\Windows\NTDS”
-DomainMode “Win2012R2”
-DomainName “yourdomain.com”
-DomainNetbiosName “YOURDOMAIN”
-ForestMode “Win2016”
-InstallDns:$true
-LogPath “C:\Windows\NTDS”
-NoRebootOnCompletion:$false
-SysvolPath “C:\Windows\SYSVOL”
-Force:$true
Once you execute this, you will be asked to enter SafeModeAdministratorPassword – this is for the Directory Services Restore Mode (DSRM). Once you set this password here Windows will finish the AD installation and configuration on your Windows Server based on the input provided.
6. The Active Directory will now install. You may receive various warnings, depending on whether you have static IPs or not. Your server may automatically restart during this process as well.
awsome