Active Directory

New Journey (Part 3)

Andre MargonoUncategorized, ,

Today I finally finished all of the configurations on my DNS and AD server, I was trying to add my other servers (SQL, CRM and SharePoint) to my new domain, unfortunately, I found a small issue:

An Active Directory Domain Controller (AD DC) for the domain “andre.local” could not be contacted.

Ensure that the domain name is typed correctly.

If the name is correct, click Details for troubleshooting information.

Note: This information is intended for a network administrator.  If you are not your network’s administrator, notify the administrator that you received this information, which has been recorded in the file C:Windowsdebugdcdiag.txt.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain “andre.local”:

The error was: “DNS name does not exist.”
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.andre.local

Common causes of this error include the following:

– The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

192.168.137.1

– One or more of the following zones do not include delegation to its child zone:

andre.local
local
. (the root zone)

This issue is quite new for me, after taking some time in troubleshooting, I decided to fix it up by set the server DNS manually:

Open Network and Sharing Center, then click Changes Adapter Settings and open the properties of Local Area Connection, and then open properties of Internet Protocol Version 4. Click on Advanced button in the bottom and select DNS tab.

Add the IP address of my DNS server and press OK.

Now go back to update the domain of the server, it will prompt username and password that has been registered in AD server. Fill it, and voila, “Welcome to andre.local domain.” It will ask to restart the computer, restart and congratulations now it connected to AD!

New Journey (Part 1)

Andre MargonoUncategorized, , , ,

Recently I decided to learn more about IT Infrastructure, especially on Dynamics CRM deployment and installation. And also installation of SharePoint Server, currently planning on installing 2010 and 2013 on different VMs. 

First step on my journey in installation of these servers is:

Prepare Active Directory for all servers to authenticate. Give my credit to howtogeek.com by providing such great step-by-step tutorial on: http://www.howtogeek.com/99323/installing-active-directory-on-server-2008-r2/

This is the content of the tutorial:

Active Directory is essential to any Microsoft network built on the client-server network model–it allows you to have a central sever called a Domain Controller (DC) that does authentication for your entire network. Instead of people logging on to the local machines they authenticate against your DC. Lets take a look at how to install Microsoft’s Active Directory.

Installation

Open Server Manager and click on roles, this will bring up the Roles Summary on the right hand side where you can click on the Add Roles link.

This will bring up the Add Roles Wizard where you can click on next to see a list of available Roles. Select Active Directory Domain Services from the list, you will be told that you need to add some features, click on the Add Required Features button and click next to move on.

A brief introduction to Active Directory will be displayed as well as a few links to additional resources, you can just click next to skip past here and click install to start installing the binaries for Active Directory.

When the installation is finished you will be shown a success message, just click close.

Configuration

Open up Server Manager, expand Roles and click on Active Directory Domain Services. On the right hand side click on the Run the Active Directory Domain Services Installation Wizard (dcpromo.exe) link.

This will kick off another wizard, this time to configure the settings for you domain, click next to continue.

The message that is shown now relates to older clients that do not support the new cryptographic algorithms supported by Server 2008 R2, these are used by default in Server 2008 R2, click next to move on.

Choose to create a new domain in a new forest.

Now you can name your domain, we will be using a .local domain the reason why will be explained in an upcoming article.

Since this is the first DC in our domain we can change our forest functional level to Server 2008 R2.

We want to include DNS in our installation as this will allow us to have an AD Integrated DNS Zone, when you click next you will be prompted with a message just click yes to continue.

You will need to choose a place to store log files, it is a best practice to store the database and SYSVOL folder on one drive and the log files on a separate drive, but since this is in a lab environment I will just leave them all on the same drive.

Choose a STRONG Active Directory Restore Mode Password and click next twice to kick off the configuration.

You will be able to see what components are being installed by looking in the following box.

When its done you will be notified and required to reboot your PC.

That’s all  there is to it guys, now you have a working installation of Active Directory.