Step-by-Step Guide to a Common Infrastructure for Windows 2000 Server Deployment - Part 1: Installing a Windows 2000 Server as a Domain Controller

Introduction

This document describes a common infrastructure that will allow you to learn about and evaluate Windows® 2000 Server and Windows 2000 Professional. As you deploy the systems, think about how you will use them in your organization.

This document is part one of two. It installs a server as a domain controller and populates a sample Active DirectoryTM service structure. Part two describes steps to install a Windows 2000 Professional client and connect that client to the domain controller. First, complete the procedures in this document. Then use "Part Two: Installing and Connecting a Windows 2000 Professional Workstation and Connecting it to a Domain" to complete your base infrastructure.

All other Windows 2000 step-by-step guides assume that you have this common infrastructure. If you do not wish to follow this common infrastructure, you will need to make the appropriate allowances as you use the other guides.

Hardware Requirements

These are the hardware requirements for the common infrastructure:

Notes

• An Intel–processor-based server running Windows 2000 Server must have at least 64 megabytes (MB) of RAM. Microsoft recommends that the server have several gigabytes of disk storage. In addition, servers should be equipped with high-speed network interface cards.
• Use a sufficient number of workstations to simulate a variety of workstation environments, including your organization’s typical desktop, roaming user, mobile user, and any other configurations that may be appropriate. These computers must be capable of running Windows 2000 Professional. Microsoft recommends a minimum of 32 MB of RAM for Intel processor-based workstations. For best results, make sure that these computers have sufficient RAM and disk storage.
• A private network is recommended; therefore, you need sufficient network hubs and other networking hardware to connect all of the workstations and servers to a single network.
• You can use the Routing and Remote Access Service (RRAS) to evaluate the Windows 2000 Change and Configuration Management features in a remote user environment (where users only have dial-in access). Approved modems and asynchronous multi-port hardware are necessary to use RRAS.
• The most current information about hardware requirements and compatibility for servers, clients, and peripherals is available at the Windows 2000 Product Compatibility site.

Additional Server Parameters

If you add additional servers, continue the server naming convention as shown.

Server Configuration

Figure 1 below shows the basic server configuration.

Figure 1. The Server Configuration.

Server Disk Configuration

To use a single server for the infrastructure in this guide, you need a server with either two disk drives or a single disk drive with two partitions. (Some step-by-step guides in this series require additional servers or other equipment; those additions are addressed in the specific guide.)

The first disk or partition holds Windows 2000 and the other files for the common infrastructure, such as the Windows Installer packages and application source files.

The second disk or partition is reserved for procedures in other step-by-step guides. For example, it holds the operating system images for the "Step-by-Step Guide to Remote OS Installation."

Each disk or partition must hold several gigabytes of information, and each disk or partition must be formatted for the NTFS file system. The steps for creating partitions and formatting them are contained within this guide.

Server Installation

This installation procedure starts with making boot disks. You start the installation after booting from these disks. This procedure is used for these guides so that you can easily reconfigure the disk partitions.

Note: When you configure partitions and format drives, any data on the server hard drive is destroyed.

Making the Windows 2000 Installation Floppy Disks

You need four formatted disks and the Windows 2000 Server CD. On a computer running a 32-bit version of the Windows operating system:

1. Insert the Windows 2000 Server CD into the CD-ROM drive.
2. When prompted, Would you like to upgrade to Windows 2000, click No.
3. On the Windows 2000 Server CD splash screen, click Browse This CD.
4. When a list of folders appears, double-click the BOOTDISK folder.
5. Double-click MAKEBT32.
6. At the prompt, Please specify the floppy drive to copy the images to, type: A.
7. Insert the first disk, and press Enter.
8. Follow the instructions to create the remaining three disks.
   
   Best Practice: Label the disks as prompted during the creation process so that you will know the correct order to use them for Setup.
9. Close the BOOTDISK folder and close the Windows 2000 CD splash screen.

Beginning the Installation

Setup creates the disk partitions on the computer running Windows 2000 Server, formats the drive, and then copies installation files from the CD to the server.

Note: These instructions assume you are installing Windows 2000 Server on a computer that is not already running Windows. If you are upgrading from an older version of Windows, some of the installation steps may differ.

1. Insert the Windows 2000 Server installation floppy disk number one.
2. Restart the computer. The Windows 2000 Server installation begins.
3. Insert the remaining three Windows 2000 Server installation disks as prompted by Windows 2000 Setup.
4. At the Welcome to Setup screen, press Enter.
5. Review and if acceptable, agree to the license agreement by pressing F8.
   
   Note: If you had a previous version of Windows 2000 installed on this server, you might get a message asking if you want to repair the drive. Press Esc to continue and not repair the drive.
   
6. Follow the instructions to delete all existing disk partitions. The exact steps will differ based on the number and type of partitions already on the computer. Continue to delete partitions until all disk space is labeled as Unpartitioned space.
7. When all disk space is labeled as Unpartitioned space, press C to create a partition in the unpartitioned space.
8. If your server has a single disk drive, split the available disk space in half to create two equal sized partitions. Delete the total space default value. Type the value of half your total disk space at the Create partition of size (in MB) prompt. Press Enter. (If your server has two disk drives, type the total size of the first drive at this prompt.)
9. After the New (Unformatted) partition is created, press Enter.
10. Select Format the partition using the NTFS file system (the default selection) and press Enter. Remove the floppy disk from the drive.

Windows 2000 Setup formats the partition and then copies the files from the Windows 2000 Server CD to the hard drive. The computer restarts, and the Windows 2000 Installation Program continues.

Continuing the Installation

This procedure continues the installation with the Windows 2000 Server Setup Wizard.

1. The Welcome to the Windows 2000 Setup Wizard appears, click Next. Windows 2000 then detects and installs devices. This can take several minutes, and during the process your screen may flicker.
2. In the Regional Settings dialog box, make changes required for your locale (typically, none are required for the United States), and click Next.
3. In the Personalize Your Software dialog, type Mike Nash in the Name box and type Reskit in the Organization box. Click Next.
4. Type the Product Key (found on the back of your Windows 2000 CD case) in the text boxes provided. Click Next.
5. In the Licensing Modes dialog box, select the appropriate licensing mode for your organization and click Next.
6. In the Computer Name and Administrator Password dialog box, type the new computer name HQ-RES-DC-01 in the computer name box and click Next.
   
   Best Practice: To facilitate the steps in these guides, the Administrator password is left blank and there is no password. This is bad security practice. When installing a server for your production network, a password should always be set.
   
   
7. In the Windows 2000 Components dialog box, click Next . Wait while networking components are installed. This takes a few minutes.
8. In the Date and Time Settings dialog, correct the current date and time if necessary and click Next.
9. In the Networking Settings dialog, make sure Typical Settings is selected and then click Next.
10. In the Workgroups or Computer Domain dialog box, No is selected by default, then click Next.
    
    Note: A domain name could be specified at this point, but this guide uses the Configure Your Server Wizard to create the domain name at a later time.
    
    Windows 2000 Server Installation continues and configures the necessary components. This takes a few minutes.
    
    
11. When you reach the Completing the Windows 2000 Setup Wizard, remove the CD-ROM from the drive and click Finish.

The server restarts and the operating system loads from the hard drive.

Configuring Your Server as a Domain Controller

Dynamic Host Configuration Protocol (DHCP), Domain Name Service (DNS), and DCPromo (the command-line tool that creates DNS and Active Directory) can be installed manually or by using the Windows 2000 Configure Your Server Wizard. This guide uses the wizard; the manual procedures are not covered here.

1. Press Ctrl-Alt-Del and log on to the server as administrator. Leave the password blank.
2. When the Windows 2000 Configure Your Server page appears, select This is the only server in my network and click Next.
3. Click Next to configure the server as a domain controller and set up Active Directory, DHCP, and DNS.
4. On the What do you want to name your domain page, type Reskit.
5. In the Domain name box, type com. Click on the screen outside of the textbox to see the Preview of the Active Directory domain name. Click Next.
   
   Note: As shown in Figure 2 below, the combined name appears as reskit.com in the Preview of Active Directory domain name box. The wizard puts the dot (.) into the name.
   
   
   Figure 2. Configure Your Server Wizard
   
6. Click Next to run the wizard. When prompted, insert the Windows 2000 Server CD-ROM. When the wizard is finished, the machine reboots.

The Configure Your Server Wizard installs DNS and DHCP and configures DNS, DHCP, and Active Directory. The default values set by the wizard are:

Reskit.com is the Active Directory domain and DNS name, and reskit is the down-level domain name.

Format the Second Disk Drive or Partition

Warning: Formatting the partition destroys any data on the partition. Make sure you do this only if necessary, and that you select the correct partition.

1. Log on to the server as the Administrator.
2. Clear the Show this screen at start-up check box in the Configure Your Server Wizard, and close the wizard.
3. Click Start, point to Programs, then point to Administrative Tools, and click Computer Management. The Computer Management snap-in appears.
4. Click the + next to Storage if the folder is not already expanded.
5. Click the Disk Management folder.
6. Right-click unallocated disk space and click Create partition.
7. The Welcome to the Create Partition wizard appears. Click Next.
8. Select Extended Partition, and click Next.
9. Accept the specified partition size by clicking Next, and then click Finish.
10. Right-click Free space and then click Create logical drive.
11. The Welcome to the Create Partition wizard appears. Click Next.
12. Select Logical drive, and click Next.
13. Accept the specified partition size by clicking Next.
14. Accept the default drive letter by clicking Next.
15. On the Format Partition page, accept the defaults for File system to use (NTFS format and the entire size of the partition), Allocation unit size, and Volume label. Click Next and then click Finish. The drive or partition will be formatted. This may take some time depending on the size of the disk and the speed of the computer. At the end, your window should look similar to Figure 3 below.
    
    
    Figure 3. Disk Management Snap-In Window.
    
    Note: You might get an error message saying Volume is open or in use. Request cannot be completed. This is a timing error because you just created the partition. If you receive this message, click OK, then right-click the partition again and click Format. Accept all defaults and click OK. You receive a warning that continuing the format will erase all data. Click OK.
    
    
16. After the disk or partition has been formatted, close the Disk management snap-in.

Active Directory

Active Directory Sample Infrastructure

The common infrastructure is based on the fictitious company Reskit.

Reskit has the DNS name reskit.com that was configured using the Configure Your Server Wizard in the preceding section. Figure 4 below illustrates the sample Active Directory structure.

Figure 4. Sample Active Directory Structure.

Of most interest here are the Domain (reskit.com), and the Accounts, Headquarters, Production, Marketing, Groups, Resources, Desktops, Laptops, and Servers organizational units (OUs). These are represented by circles in Figure 4. OUs exist for the delegation of administration and for the application of Group Policy and not to simply mirror a business organization. Please see the Windows 2000 Deployment Guide chapter, "Designing the Active Directory Structure," for an in-depth discussion on creating an OU structure.

Populating Active Directory

This section describes how to manually create the OUs, Users, and Security Groups outlined in Appendix A of this document.

To create Organizational Units and Groups

1. Click Start, point to Programs, then point to Administrative Tools, and click Active Directory Users and Computers.
2. Click the + next to Reskit.com to expand it. Click Reskit.com itself to show its contents in the right pane.
3. In the left pane, right-click Reskit.com, point to New, and click Organizational Unit.
4. Type Accounts in the name box, and click OK.
5. Repeat steps 3 and 4 to create the Groups and Resources OUs. These three OUs now show up in the right pane.
6. Click Accounts in the left pane. Its contents now display in the right pane (it is empty to start).
7. Right-click Accounts, point to New, and click Organizational Unit.
8. Type Headquarters, and click OK.
9. Repeat steps 6 and 7 to create the Production and Marketing OUs under Accounts. When you have finished, the OU structure should look like Figure 5 below:
   
   
   Figure 5. Create Organizational Units.
   
   
10. In the same way, create Desktops, Laptops, and Servers under the Resources OU.
11. Create the two security groups by right-clicking Groups, then pointing to New, then clicking Group. The two groups to add are Management and Non-management. The settings for each group should be Global and Security. Click OK to create each group.

To create User Accounts

1. In the left-hand screen, click the + next to the Accounts folder to expand it.
2. Click Headquarters (under Accounts) in the left-hand screen. Its contents now display in the right pane (it is empty at the beginning of this procedure).
3. Right-click Headquarters, point to New, and click User.
4. Type Teresa for the first name and Atkinson for the last name. (Note that the full name is automatically filled in at the full name box.)
5. Type Teresa for the User logon name. The window will look like Figure 6 below:
   
   
   Figure 6. Adding a User.
   
   
6. Click Next.
7. Click Next on the Password page to accept the defaults.
8. Click Finish. Teresa Atkinson now displays on the right-hand screen, as a user under Reskit.com/Accounts/Headquarters.
9. Repeat steps 2 through 7, adding the names listed in Appendix A for the Headquarters OU. When you are finished, the Headquarters OU screen appears as illustrated in Figure 7 below.
   
   
   Figure 7. User listing in the Headquarters OU.
   
   
10. Repeat steps 1 through 8 to create the users in the Production and Marketing OUs.

To add Users to Security Groups

1. In the left pane, click Groups.
2. In the right pane, double-click the group Management.
3. Click the Members tab and then click Add.
4. Select the users in the upper pane as shown in Figure 8 below by holding down the ctrl key while clicking each name; click Add to add them all at once. (The users who should be members of this security group are listed in Appendix A.) Their names will display in the bottom pane. Click OK to accept.
   
   
   Figure 8. The members of the Management group are drawn from three OUs
   
   
5. Repeat steps 2 through 4 to add members to the Non-management group.
6. Close the Active Directory Users and Computers snap-in.

Important Notes

The example company, organization, products, people, and events depicted in this step-by-step guide are fictitious. No association with any real company, organization, product, person, or event is intended or should be inferred.

This common infrastructure is designed for use on a private network. The fictitious company name and DNS name used in the common infrastructure are not registered for use on the Internet. Please do not use this name on a public network or Internet.

The Active Directory service structure for this common infrastructure is designed to show how Microsoft Windows 2000 Change and Configuration Management works and functions with the Active Directory. It was not designed as a model for configuring an Active Directory for any organization—for such information see the Active Directory documentation.

Appendix A: Active Directory Populace Back to Top

Users

This feature information was obtained from the Microsoft Windows 2000 website at http://www.microsoft.com/windows2000 and are linked from ActiveWin.com for your convenience and is subject to Microsoft's copyright. For the most accurate information please visit the official site.

Return To The Windows 2000 Section