70-742 Lab 1, Installing and Configuring Domain Controllers

Introduction

This tutorial provides a comprehensive guide to installing and configuring domain controllers based on the exercises outlined in the video "70-742 Lab 1, Installing and Configuring Domain Controllers." You'll learn how to set up a new forest, demote a domain controller, add a domain controller to an existing domain, move operations masters, and seize operations masters. This guide is essential for IT professionals and students preparing for certification exams related to Windows Server and Active Directory.

Step 1: Installing a New Forest

To create a new Active Directory forest, follow these steps:

1. Open Server Manager.

   • Click on "Add roles and features."
   • Proceed through the wizard until you reach the "Server Roles" section.

2. Select Active Directory Domain Services.

   • Check the box next to this role and proceed with the installation.

3. Promote the server to a domain controller.

   • After installation, go to the notifications flag in Server Manager and click on "Promote this server to a domain controller."
   • Choose "Add a new forest" and enter your desired root domain name (e.g., example.com).

4. Configure additional options.

   • Specify the forest functional level, domain functional level, and set a Directory Services Restore Mode (DSRM) password.

5. Complete the installation.

   • Review your selections and click "Install." The server will restart upon completion.

Step 2: Demoting a Domain Controller

To remove a domain controller from your Active Directory environment:

1. Open Server Manager.

   • Navigate to the "Manage" menu and select "Remove Roles and Features."

2. Follow the wizard.

   • Continue through the wizard until you reach the "Active Directory Domain Services" section.

3. Demote the domain controller.

   • Choose the option to "Demote this domain controller."
   • Enter the credentials for a user who has permission to remove the domain controller.

4. Complete the demotion.

   • Follow the prompts to finalize the process and restart the server.

Step 3: Adding a Domain Controller to an Existing Domain

To expand your Active Directory by adding a new domain controller:

1. Open Server Manager.

   • Start the "Add roles and features" wizard again.

2. Select Active Directory Domain Services.

   • Install the role as previously described.

3. Promote the server.

   • Click on the notifications flag and choose "Promote this server to a domain controller."
   • Select "Add a domain controller to an existing domain."

4. Enter domain information.

   • Specify the domain name and credentials of a user with permissions to add a DC.

5. Configure site settings.

   • Choose the appropriate Active Directory site for the new domain controller.

6. Complete the promotion.

   • Review settings and click "Install." Let the server restart after installation.

Step 4: Moving Operations Masters

To transfer or seize operations master roles:

1. Open Active Directory Users and Computers.

   • Right-click the domain name and select "Operations Masters."

2. Choose the role to transfer.

   • There are three roles: Schema Master, Domain Naming Master, and the Infrastructure Master.

3. Transfer the role.

   • Click on the "Change" button to transfer the selected role to the desired domain controller.

4. Confirm the action.

   • Ensure that the action is completed successfully.

Step 5: Seizing Operations Masters

If the current operations master is unavailable, you may need to seize the roles:

1. Open Command Prompt as Administrator.

   • Use the ntdsutil command to access the Active Directory Domain Services.

2. Enter the ntdsutil tool.

   • Type ntdsutil and press Enter.

3. Access the roles.

   • Enter roles, then connections to connect to the desired domain controller.

4. Seize roles.

   • Use the command seize <role> for each role you need to take over (e.g., seize infrastructure master).

5. Verify the changes.

   • Check the Active Directory Users and Computers to ensure the roles were successfully seized.

Conclusion

In this tutorial, you learned how to install and configure domain controllers, including creating a new forest, demoting a DC, adding a DC to an existing domain, and managing operations master roles. These skills are critical for maintaining a functional Active Directory environment. As a next step, consider practicing these procedures in a virtual lab to reinforce your understanding and gain hands-on experience.