Microsoft Lab 3 – ADC (Application Delivery Controllers)

Download

ADC

In Lab 3 - Active Directory Configuration (ADC), participants typically engage in the setup and configuration of Active Directory services on a Windows Server 2016 environment. This lab involves tasks such as promoting the server to a domain controller, configuring domain services, and establishing the structure of the Active Directory forest and domain. Participants may also explore user and group management, security policies, and Group Policy Objects (GPOs) to enforce configurations across the domain. The lab aims to provide hands-on experience in deploying and configuring Active Directory, a crucial component for centralized authentication, authorization, and management in a Windows Server environment. Successful completion of Microsoft Lab 3 equips participants with foundational skills in ADC, enabling them to establish and manage robust directory services within their network infrastructure.

Lab:

Additional AD domain controller is used to balance the load among existing domain controllers. It also provides fault-tolerance that in case primary AD DC is down, additional AD DC can be used for authentications without any business discontinuity.

Prerequisites

  1. Administrator account has strong password
  2. Static IP is configured
  3. Latest windows updates are installed
  4. Firewall is turned off
  5. Active directory domain controller is configured and up
  6. DNS settings of server are pointing towards correct AD domain controller

Steps

  1. Installing active directory domain service role on a server
  2. Promoting that server to act as an additional active directory domain controller
  3. Verification

1. Adding Active Directory Domain Services Roles

  1. First we click on Add roles and features

2. The first page of the Add Roles and Features Wizard describes what this wizard does and recommends a few prerequisite tasks.  Just click Next here to continue.

3. The Installation Type page gives us two options although we’re only concerned with one.  Leave the radio button on the Role-based or feature-based installation option and click Next

4. The Server Selection page is where we can select one or more servers to install roles and features to.  The default setting is the local server and so we’ll leave it as is and click Next

5. The Server Roles page has a ton of possible roles to install.  The Active Directory Domain Services and DNS Server roles need to both be checked

6. When you check the Active Directory Domain Services role it will pop open another dialog that notifies you of additional features that will automatically be installed along with the AD DS roles.  These features are needed to manage the AD DS role through PowerShell, the GUI and the command line.  When you click the Add Features button the AD DS Role will show as checked

7. When you check the DNS Server role it will pop open another dialog that notifies you of additional features that will automatically be installed along with the DNS Server roles.  This feature is the DNS Server command line and GUI tool.  When you click the Add Features button the DNS Server Role will show as checked

8. With both roles selected we can now click Next

9. On the Features page nothing else needs to be added so we can click Next

10. The DNS Server page describes the DNS Server role.  Click Next to Continue

11. The AD DS page describes the role you’re installing and tells you that you need to install DNS Server.  Click Next to continue here as well

12. The Confirmation page displays the roles and features we previously selected and allows us to verify our choices

13. After clicking Install the installation process for the roles and features selected will begin

14. When the process completes we’re presented with a link to Promote this server to a domain controller. Clicking the link opens up the Active Directory Domain Services Configuration Wizard.

2. Adding a domain controller to an existing domain

  1. On the Deployment Configuration page
  • select the deployment operation as Add a domain controller to an existing domain
  • Specify the domain information for this operation as domain name rstforum.com
  • Specify the credentials to perform this operation

2. On the Domain Controller Options page

  • Specify domain controller capabilities and site information check boxes have 3 option in which the DNS and Global Catalog options are automatically selected.
  • We also must enter a Directory Services Restore Mode (DSRM) password here. DSRM is essentially safe mode for a domain controller which allows an administrator to Repair or restore an Active Directory database.

3. Moving to the DNS Options sub-page we see a warning indicating that the wizard can’t create a delegation for you.  This error is being and can be ignored.  It’s trying to contact a DNS server that is authoritative for the domain that doesn’t exist yet.  Click Next here

4. On Additional Options page specify Replication from Server-1.rstforum.com

5. Paths for the Active Directory Database, Logs and SYSVOL. Leave it by default and Click Next again

6. This one should be pretty self-explanatory.  Make sure you picked all the right options and click Next

7. The Prerequisites Check makes sure your server is ready to go and a green check at the top signifies we’re clear to click Install

8. Clicking Install starts the promotion of this server to an Active Directory Domain Controller and usually takes a few minutes

9. When the wizard has completed you’ll see a green check notification in the dialog that states the server was successfully configured as a domain controller.  You will also be notified that you’re being logged out because the server is going to restart.

Windows will restart and start applying all the setting changes necessary to make this server an Active Directory Domain Controller.

10. When it finishes rebooting the installation is complete and you can login using domain credentials

3. Verification

  • In DNS Manager under Forward Lookup Zones of rstforum.com the Host(A) record of ADC server will be made automatically

  • In Active Directory Users and Computers under Domain Controllers you can see Server-2 which is an ADC server in Pune site

  • In Active Directory Sites and Services you will be able to see the Server-2 which an ADC server under the Servers of Pune site