How to completely design and setup an Active Directory Domain Infrastructure - Part 2

Alright guys, welcome back. So this is the second video. In the last video we just quickly set up this first primary domain controller and configured our home network for statically assigned IP addresses. So actually what I'm going to do is I'm going to take a second just to activate the server here, so give me a quick second. You can download all these trial servers at Microsoft for 180 days and they email you a product key for 180 days. So yeah, just give me a quick second, I'll be right back. Actually, to do that you can just click on, you go to Server Manager and then up here on the right you just go Activate Windows, and now give me a quick second here, just type in your key and hit Next.

Alright, so I'm all activated here. You can see down here, got my evaluation, 180 days. So what we're going to do now is, I guess we can go ahead and talk about Active Directory and, you know, check out what our scheme is going to be like. But first off I just want to go to a quick little whiteboard here and explain a couple things, you know, that you want to take note of when you're designing your network. All right, so bear with me here, I just bought this new stylus pen.

OK, so what we did is we set up technology.com and, like I was saying, that's our forest root domain. That was our first domain controller installed for technology.com, so that by default makes that the, like, forest root domain controller. So what a forest is, quickly, in, you know, design terms, is represented as a triangle. Okay, so tech knowledge, that server that we just installed, resides inside of this, you know, domain here. We also got a bunch of users that log in; they all go into this domain controller to access their logins. You know, we got groups, we got a whole bunch of stuff here. All of our other servers, you know, our SQL, SharePoint, our file, that, our backup, all reside in here. The only one that's not going to reside, well, even the read-only domain controller, that is going to reside in here, but it's going to be physically located in
another part of the, you know, the province. So we're going to have two divisions here. We're going to have a Barrie network, which consists of most of our company, and then we're going to have a Timmins network, which is going to be a smaller size version of our company. There's not going to be really any IT staff there, so we're going to implement a read-only domain controller which will have a replica of our, you know, of our primary domain controllers and everything. So for instance we have our, you know, our server over here, our primary domain controller, you know, that's located, you know, at Barrie, and then we got a read-only domain controller which is located in Timmins. Now connecting these is going to be a WAN link, okay, so WAN link is a wide area network. Now when you have users over here in Timmins and they're logging in, well, they're going to log into the read-only domain controller. If this wasn't implemented they would have to cross this WAN link and log in to our primary domain controller, and this can use up a lot of, you know, wasted bandwidth. So we're going to design a read-only domain controller in the Timmins network, but it's still going to reside in this forest here. Okay, so you just got to visualize that the forest is everything in our domain controller.

Now we can have child domains. Let me just clean this up here real quick. OK, so we have our domain, our forest right here, which is technology.com. Okay, we can have another branch down here, and this is what it would look like on a, like, a design sheet. You know, you have a bunch of triangles connected; that just, that means a different domain space. So for instance if our company was big enough and, let's say, you know, we had the marketing, the sales, HR, all that in this domain, let's say marketing got really big and was really huge and we needed two mighty staff that need to have their own, you know, segregated department, well, we could move marketing down here in their own kind of domain and they would be called
marketing dot tech knowledge, can't spell, .com, and that's what a child domain would be. This would be like a tree. So a tree, if you've seen my other video, a tree resides in the same namespace here. Okay, so you got your forest, which is technology, and then this is a tree; it branches down, as you can kind of see here, and then we can segregate the marketing so they would no longer be in this domain here. They would log in, access all their own resources, all in this domain. But for our sake we're going to have just what's called a single forest, you know, administration. So we're going to have one IT staff, who is Paul, and he's going to be the forest administrator, you can say. So he's going to administer everything that goes on here and he'll delegate administrative controls over, you know, down lower level administrators, you know, like helpdesk users who have to reset passwords and whatnot.

Moving on from this now, I'm going to just kind of show you what we're going to use for our IP scheme here. Like I said, we have the 10.10.10.0 namespace, so we've got 10.10.10.0, that's our network we're using, and our gateway to the Internet is 10.10.10.1, slash 24, or 255.255.255.0. OK, so that represents our subnet mask and what that represents is our network. So 10.10.10.10 is our network, which leaves us 255 usable IP addresses in this range. But we need to separate our IP addresses so we can have our servers. So we have our primary domain controller, we're going to have our secondary domain controller, we're going to have our big file server, we're going to have our SQL Server, our SharePoint, no doubt our backup, and I believe that was everything. Oh yeah, our read-only domain controller, and yeah, that's everything. So I did kind of put a little design together and I'm going to use the addresses 10.10.10.5 through 20 as servers, that are just addresses that can't be used for anything. Whether we install printers later on or get more servers later on, we'll have a little bit of extra room here. But these
servers are not going to be, these IP addresses are not going to be handed out by our DHCP server. So our primary domain controller, which we already installed, is 10.10.10.12. Our secondary can be 10.10.10 dot, I don't know, let's say 6, and this is going to be 7. So those are going to be our IP addresses that we're going to use, and I'm not going to waste our time and go through setting up each individual one. I'll do it on the fly as we use them and I'll have them done before I make the videos.

OK, so moving on now, we're going to just set up DHCP quickly and then probably the next video we'll go through Active Directory, because now DHCP will be working and all of our servers will get the proper IP addresses that they got here. OK, so let's open up our server here, and we're in Server Manager so we can go to Roles. I started, click on the Roles here and go to Add Roles, and we can just skip this for defaults. Then we're going to set up our DHCP server, so it's just going to go ahead and set up everything, and again there's going to be some quick notes here too; if you want to read over some things you can just click on those links.

The scope here, or the connection binding, I guess keep this default. We only have the one server so let's just bind into that, and it's going to validate our DNS server. So alternate DNS, we could assign it this secondary domain controller, 10.6, but we'll leave it for now as just having our own. This is a loopback address that's going to loop back, so it'll just loop back to the domain controller here. So we're just hitting Next here, and we don't have a WINS server. So what that's for is for older Windows NT 4 clients who were trying to log in, can access the WINS server to log in, but we don't have to worry about that, so we're going to hit Next. And the DHCP scope, we can do this later or we can do it now. I'm going to do it later, just for sake of getting through this little wizard here. This page here, we can enable, you know, IP version 6 or disable
it. For this video I'll just disable it for now; we can get into it later if we want to. And here is just the credentials that are going to be used. So let's say if you're running this wizard on a lower level administrator, you can specify, you can get your, you know, you can get the maenette IT ID manager to come in and put his credentials in here if you don't look over the settings, let's say. But for now we're going to use the administrator and hit Next and just confirm everything, and then it's going to run through the installation wizard, or the installation here, and when it's done I'll return to the recording.

All right, so that's done. So I'm just going to close out of that, and we don't need to restart anything. It's red X because it's not set up yet, and you'll just see that it failed and then it reset itself. You know, couldn't bind, you know, failed to see directory server for authorization, and then here it will have authorized, so, see, is authorized to start servicing. So don't worry about the red X here yet.

So I'm going to exit Server Manager; I don't like working in it actually. What I like doing is getting myself a little desktop shortcuts here going on. Go to Admin Tools and I'm going to select Domains and Trusts, because we're going to use that, Users and Computers, ADSI Edit is good, DHCP, DNS and Group Policy Manager. Those are what I like to use. Right click, Send to Desktop.

Alright, so what we're doing, I am, we're going to do our DHCP scope here. So just open up DHCP. I remove this right pane here, and what we're going to do now is just set it up. So click on your domain here, domain node, click on IP version 4, and you're going to want to right-click and configure a new scope. Next here, and what we're going to call this, so you have provided scope name, so we're going to just call it the tech knowledge and hit Next. And starting IP addresses, yeah, sorry there, I totally forgot to, I was thinking about this, I totally forgot to show you guys the IP scheme that we're using, so give me a quick
second here, just got to open up my little sketchbook, it won't take long. So we had 10.10.10.0 and we used up 5 to 20 for our servers. We didn't use them up, but we're just going to hold those off for our servers. So the users, they're going to start at 10.10.10.21 and go all the way up to 250. We can go 250 and then leave the last 5 just out of the picture for now; it's close to the end of the IP scheme. So yeah, like, our DHCP scope is going to be for this range here, and then we're going to set up reservations for this scope. Okay, just want to kind of clarify that; I kind of knew I was missing something there.

So yeah, so the starting is going to be 21 and ending is going to be 250 and the length of our subnet mask is 24, and we're going to hit Next. And is there any IP address range you want to exclude? So now we're going to exclude these servers, oops, 5, I said 20 I believe, yeah, 5 to 20, hit Add. Oh, forgot to, keep getting mixed up there. I got to add them in here and then exclude them from here.

And then the lease for the clients. So what that means is when you get an IP address, here, I'll just sketch that up for you. It's good to have visuals. I know, I got my new sketch pad and I'm just going to find excuses to use it. But we got the server here, OK, this is our primary domain controller, our Active Directory Domain Services roles, DNS, and now DHCP. So now users in technology.com, when they log in, when they turn their computers on, their little computer is going to log into the domain controller here, and for the first time, so their authentication is going to be done through Kerberos and, you know, they're going to get tickets to access resources and everything on our network. But when the computer logs in for the first time, DHCP is going to give it an IP address, and as you can remember, the computer will remember that IP address and DHCP will remember that IP address for 8 days. So that's what lease means, just letting you guys know that. Okay, so hit Next, and do you want to configure the
DHCP options for the scope now? Yeah, I do, and what that's going to do is, like, set up the router and just the basic settings so that any computer that logs into those IP addresses will have a router to go to and have a DNS server to look up. So it's important for a scope, and you can add more things in it after you're done here. So the router is 10.10.10.1, Add. We don't have any other routers for now so we just hit Next. The DNS server is obviously our server here but everyone else is I'm going to know to look at their self, so we're going to remove that and we're going to add in 10.10.10.12 to point to our domain controller here that has it set up. So we're going to add that, it's going to validate, and it's good to go. So now we're going to hit Next, and our WINS server, we don't have one of those set up so we're going to hit Next. And you want to activate the scope? Yes I do, and I'm going to hit Finish, and now we have our DHCP set up.

So I'll just go through these little folder lists here. So when you're in DHCP, the console, and you go down your scope, your technology scope, you can see your address pool, so it goes from 5 to 250 but it excludes 5 to 20. And our address leases, there's none right now, there's no one connected yet. Reservations, this is where we're going to go and set up for our servers now. So to do this we're going to need our MAC address for each server. So what we're going to do now, and don't forget the servers aren't part of the domain so they're not actually on the network yet, so when they do get this network that's when they're going to be assigned these addresses. So when they first start up they are going to get an address from the range that we provided here.

So I'm going to start up our secondary domain controller here. I don't like using VMware, but, like, I like it, but I would rather remote desktop into it, so I'll set up remote desktop and then we'll remote into it from there. I'm just going to close these guys off for now. Okay, so I'm going to
log in with our secondary domain controller local admin. Don't get confused about local and domain accounts and all that; it's just simple. Like, when you think of a local account, it's the computer, so this computer, if it was physical, the local accounts is that administrator. So, to not bore you guys, I've went ahead and renamed all the computers to match up what they are, so technology domain controller Oh - and actually again I'm going to activate my server here, so give me a second.

Alright, so I'm all activated here, and yeah, oh yeah, so I was always getting the MAC address for you guys, and we're going to enable remote desktop, so we'll do remote desktop first. So just click on this Configure Remote Desktop and allow Network Level Authentication, hit Apply and OK. So now we're going to close out of this and we're going to open up our command prompt to get our MAC address here. So you want to do an ipconfig /all and you can see here your physical MAC address; that's your MAC address for the computer. And you can also see here too that we did get our, we do have things set up, so our default gateway came out as 10.10.10.1, DHCP server came out as .12. Where's our IP address? Right here, so 10.10.10.21. So you can see our DHCP server is working, because that's our, our pool is from five to, or sorry, it starts at 20 because we have these excluded, so 21 is the first IP address. Let me refresh that, and you can see now that we, you can visually see now that our second domain controller showed up in our leases here. So DHCP server's working.

But I want that MAC address there. Shimmy this guy over, get a reservation going on here. So our second domain controller, we said, is going to be .9, so 10.10.10.9, and then we can just, there you go, and the MAC address is zero zero, zero C, oops, two nine, seven eight, zero F, B six. And a description, I guess copy that, put that there, and this trusty C, there you go. So that's done, hit Close, and now you can see we have a reservation here. It has
its proper scope options; that's what we configured there in the wizard. And now if I do an ipconfig /release, oops, and then do a renew, I should get my 10.9 IP address, hopefully. I got some work to do. And there we go, so 10.10.10.9 is the IP address of our secondary domain controller here, so our DHCP is working.

And if you want to check out those scope options I was telling you about, you can go to Properties here, oops, Scope Options right there, so Configure Options, sorry, and this here is, you can set up a whole bunch of other options. So the WINS server, if you ever did get a WINS server you can set it up here. That's where you can go and set up additional options for your clients to get. And yeah, so that's about it. So I refresh that; other old IP address just gone and it's now back in the pool.

So I'm just kind of blabbing here, so I guess the next video we're going to, I guess, go through our Active Directory structure now and actually start building it. No, you know what, next I'm going to set up the secondary domain controller here. Alright, so, well, thanks for watching guys.
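
Added example, not part of the video: a small Python check of the address plan the walkthrough arrives at (scope 10.10.10.5 to 250, exclusion 5 to 20, reservation .9, statically addressed gateway .1 and primary domain controller .12). It compares that final scope with the first wizard entry (start at 21) and with a scope whose exclusion was forgotten; the function names and labels are this example's own.

```python
from ipaddress import IPv4Network

NETWORK = IPv4Network("10.10.10.0/24")           # network used in the video


def host(last_octet):
    """Address in NETWORK with the given last octet."""
    return NETWORK.network_address + last_octet


def span(first, last):
    """Set of addresses from .first to .last inclusive."""
    return {host(n) for n in range(first, last + 1)}


def audit_scope(start, end, exclusions, reservations, statics):
    """Return (dynamic_pool, problems) for one scope definition."""
    scope, excluded, problems = span(start, end), set(), []
    for first, last in exclusions:
        excluded |= span(first, last)
    for name, addr in reservations.items():
        if addr not in scope:                    # a reservation must sit inside the scope range
            problems.append(f"{name}: reservation {addr} is outside the scope range")
    for name, addr in statics.items():
        if addr in scope - excluded:             # DHCP could lease this address to another client
            problems.append(f"{name}: static {addr} is leasable")
    pool = sorted(scope - excluded - set(reservations.values()))
    return pool, problems


# Values taken from the transcript; the labels are this example's own.
STATICS = {"gateway": host(1), "primary DC (DNS, DHCP)": host(12)}
RESERVATIONS = {"secondary DC": host(9)}

if __name__ == "__main__":
    plans = {
        "range 21-250, no exclusion (first wizard entry)": (21, 250, []),
        "range 5-250, exclude 5-20 (final scope)": (5, 250, [(5, 20)]),
        "range 5-250, exclusion forgotten": (5, 250, []),
    }
    for label, (start, end, excl) in plans.items():
        pool, problems = audit_scope(start, end, excl, RESERVATIONS, STATICS)
        print(f"{label}: {len(pool)} dynamic, first {pool[0]}, problems={problems}")
```

Only the final scope passes with no findings, and its first leasable address is 10.10.10.21, the address the secondary domain controller received before its reservation existed.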
