Re: AD Newbie Questions

From: Ryan Hanisco (rhanisco_at_flagshipis.com)
Date: 03/15/05 

Date: Mon, 14 Mar 2005 19:46:38 -0600

1. You are on the right track with .local. Remember that this is just an
internal namespace. You can still map hosts to a .com or .net with an
external DNS source at your ISP. Remember that though DNS and AD are
intertwined, they are separate entities and with NAT you can have multiple
identities for the same host depending on the source of the DNS query.

2. Yes. YOU HAVE TO HAVE DNS. DNS is at the core of AD and you need to
know DNS like the back of your hand if you are to be successful at any AD
implementation. There is a great book on Windows 2000 DNS (in fact, that's
the title). I highly recommend this. Remember, 90% of AD problems from
single domain test labs to multinational corporations are DNS based.

3. DHCP is not required. It is a good thing to learn and can help you grow.
While 2000/XP machines request that their hostnames be registered in your
DNS, the DHCP service can do this for you as well. Learn this and maybe
assign constant IP addresses with Reservations rather than straight DHCP.

4. Install it after so that management accounts are tied to AD accounts.
It'll just have to redo this anyway, so let it do it only once.

5. You can copy the profile over, either doing a straight copy (get the
hidden files too) or with the profile migration tool. If you are really
worried about this, you can change the registry key mapping the SID to the
profile path to be the same for both. This way it uses the same profile for
both.

Good Luck and let me know if you have other questions... 

-- 
Ryan Hanisco
MCSE, MCDBA
FlagShip Integration Services
"bonehead" <sendmenospam@here.net> wrote in message 
news:d157dg$8h8$1@gondor.sdsu.edu...
> Greetings,
>
> I am an Active Directory novice, and I originally posted this message to 
> ms.p.w.s.general, where I got good answers to most of my questions. 
> However, I'd like to see if experienced users in this group possibly have 
> second or third opinions.
>
> I am planning to set up a very small test domain. One purpose is to start 
> to learn something about Active Directory domain administration. The other 
> purpose is to have a workstation/server environment which I can use to 
> start learning .NET development.
>
> I recognize that I could probably create a suitable learning environment 
> solely for *development*, by merely installing IIS, SQL, and Studio.NET on 
> the workstation, but I would prefer, if possible, to set up a genuine 
> Active Directory workstation/server combination, so that I have the 
> opportunity to learn something about AD administration as well.
>
> I've reviewed a few books on Server2K3 (Sams, Wrox, etc.), but before I 
> promote my server to a Domain Controller, there are still a few specifics 
> where I'd appreciate some guidance. In particular, I'd be grateful for 
> comments from anyone who has experience setting up a similar test 
> environment.
>
> The following details may be relevant and helpful.
>
> I currently have two PCs connected together through a router. One PC is 
> running Server2K3 and SQL Server2K, and the other is running XP Pro. 
> Eventually this may grow to include two additional workstations. The 
> router receives a dynamic IP from my ISP, and is configured to hand out 
> static IPs to each of the two currently existing machines.
>
> Ideally, I would prefer to have the Server2K3/SQLServer2K machine running 
> AD and IIS, acting as a domain controller/application server/database 
> server. Then, I would install Studio.NET on the XP Pro workstation. As I 
> work my way through various tutorial books, I would be using the 
> workstation to build applications, and then uploading the project files to 
> the server for testing.
>
> Here are some areas where I'd like to get more clarification before I 
> proceed.
>
> 1. Regarding the Domain: I don't need accounts that can log onto the 
> domain from remote locations. There are only going to be, at most, one 
> server and three workstations in the domain, and they're all going to be 
> physically located in my office, all linked together through my router, 
> which is, in turn, linked to my ISP via my cable modem. It seems that it 
> would make sense to configure this test domain as a "mydomainname.local". 
> Does this sound reasonable, or are there reasons why I might want to 
> consider some other root domain, like .org or .net?
>
> 2. Regarding DNS: If I'm setting up a single domain with only one Domain 
> Controller, is DNS required so that the server and workstation(s) can see 
> each other within the domain? (I recognize I could probably accomplish 
> what I want by just bypassing AD altogether and creating a workgroup, but 
> the purpose of learning something about AD administration would be 
> defeated).
>
> 3. Regarding DHCP: Is it necessary/required to have DHCP turned on? If so, 
> wouldn't this conflict with my router, which is currently configured to 
> hand out static IPs to both the server and the workstation?
>
> 4. Regarding IIS: I seem to recall reading that I should install IIS 
> before installing AD, but I don't recall the rationale. Suggestions?
>
> 5. The XP Pro workstation already has a local user account with a 
> customized local profile. Once I've created a domain user account, and 
> added the computer to the domain, I'd like to copy the local profile to 
> the domain profile so that I see the same desktop, regardless of whether I 
> log on using the local account or the domain account, at least to start. 
> Of course I recognize that any subsequent changes made to one profile will 
> not be reflected in the other, unless I copy it over again after any 
> changes are made.
>
> But I do seem to recall hearing that there's a pretty easy way to copy a 
> local profile to a domain user account, although I can't remember seeing 
> documentation on that. Suggestions?
>
> Thanks in advance to anyone who provides useful responses.

Relevant Pages

  • Re: Basic Active Directory Questions
    ... Primary DC DNS service was disabled. ... Seondary DNS server has problem address with this DC ... Point your Member server and workstation to '10.81.20.19' as their prefered ...
    (microsoft.public.windows.server.active_directory)
  • Re: XP Client Connection Problem
    ... I'm not the most knowledgable about DNS but I ... > now consists of a single server and single workstation. ... > The server is Windows 2003 and is set up for DNS, ... This first client is also an XP ...
    (microsoft.public.windows.server.dns)
  • Re: "Classic logon" screen in XP does not remeber the user name
    ... John N ... I recently upgraded a workstation from Windows 2000 Pro to Windows XP Pro. ... can copy missing shortcuts to the new profile. ... you can work from the server and ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Need help please, Having trouble finding/adding users for purpose of granting permissions or add
    ... the XP Pro computer to see if it reports any errors such as dns, dclist, ... server in the preferred dns server list of tcp/ip properties an shown via ... I also setup a simulation in my lab of an XP Pro ... > workstation and a single W2K Server running as the Domain controller. ...
    (microsoft.public.win2000.security)
  • Re: Event ID 5719: No Windows NT or Windows 2000 Domain Controller is available for domain .
    ... The workstation gets its networking information from DHCP that, in turn, ... the DNS has Enable Forwarders and the ... I don't believe the problem to be at the server end though. ... security settings) I messed with and that policy has since been removed. ...
    (microsoft.public.win2000.security)