It is sometimes required, especially if you're developing for the enterprise editions of certain Microsoft products, which require domain accounts for service credentials.
For a new project, I am setting up a Sharepoint 2010 server and development environment in a VM running under Hyper-V.
The OS, updates and SQL instance are done so it is time to do the domain controller bit.
The Active Directory Domain Services and the DNS Server roles need to be installed before you can promote a server to a Domain Controller.
Find the Add Roles and Features Wizard in the Server Manager. On the Server Roles page, add the Active Directory Domain Services role. Accept the required role services and features.
Do the same thing and add the DNS Server role.
Unless you have specific Features requirements I would leave that page alone for now.
Adding the DNS Server role has inserted new pages in the wizard. But they are only informational AD DS and DNS Server pages.
Get through the remainder of the wizard.
Once that is all over then use the notifications to promote the server to a domain controller
This launches the Active Directory Domain Services Configuration Wizard.
Add a new forest.
There are far too many wizards around lately, by the way. Especially that one that was too stupid to learn even the basics of the platform. Rest assured that my magic is still stronger than his.
After a bit of munging it hassles you for the restore mode password. Give it a strong one, that you won't forget. Write it down and keep it in a handy drawer like in War Games.
Don't let the DNS awooga that it throws at you, phase you in any way. Fear it not. Carry on up the Wizard.
Hitting the View Script button reveals, surprise surprise, the Powershell script for an unattended setup of the thing we've just done.
It does some prerequisite checks and will no doubt try and scare you about a couple of things. Just ignore that and install.
Mine rebooted by itself. Come on, we knew it might.
When you next connect it will hassle you once again with a certificate awooga warning. Ignore it. It is your server, there is no reason not to trust it.
The next time you log in it will be as the newly created domain administrator. I'm sure the last time I did this (2008 R2) it insisted on me changing my password, but 2012 R2 has just logged me in with the old, pre-domain admin password.
Find Active Directory Users and Computers on the start menu and pin it to the task bar.
In fact, pin everything you use often to the task bar.
That is about it. You can now create domain accounts at will.
I know, all that is a bit of a faff just for the odd domain account. Stop complaining, get it done.
fin.
No comments:
Post a Comment
Note: only a member of this blog may post a comment.